Windows Digital Forensics Course ICDFW (ICDFEN)


Descripción

Course in Digital Forensics based on Windows environments.

In this course the student will learn to develop to the maximum their capacities as a forensic specialist in Windows

The course makes a deep analysis of the phases, acquisition of evidence and location of forensic artifacts.
The course is 100% oriented to practice with real evidence.

iHackLabs will supervise the implementation of the program.

The purchase of this course implies acceptance of the terms and conditions of the program.

Terms and Conditions in:
https://www.ihacklabs.com/en/terms-and-conditions/

Contenido
  • introduction
  • Certification Manual ICDF V1.0 EN
  • Digital Forensics Guide Lab V1.0
  • VPN_Configuration_Guide v 1.0
  • VPN_Settings
  • Module 1: Introduction to Digital Forensics and Evidence Acquisition
  • Windows Digital Forensic - Module 1
  • 001-Pendrive_Acquisition
  • 002-Caine_Computer_Acquisition
  • 003-Physical Pendrive Acquisition
  • 004-Logical Pendrive Acquisition
  • 006-LiveResponse Collection
  • Test Module 1
  • Module 2: File System
  • Windows Digital Forensic - Module 2
  • 001-Identify partitioning
  • 005-Utilización Arsenal Image Mounter
  • 002-BootSector Metadata
  • 003-Identification of MFT records deleted with Active Disk
  • 004-dentification of files deleted with FTK
  • 005-Identifying Low-level Attributes
  • 006-MFT Analysis
  • 007-LogFile Analysis
  • 008-USNJOURNAL Analysis
  • 009-ADS Analysis
  • 010-INDX Analysis
  • 011-Shadows Analysis
  • 012-Photorec
  • 013-Bulk Estractor
  • 014-Autopsy
  • 015-Timeline
  • 016-Exif Tool
  • Test Module 2
  • Module 3: Windows Forensic Artifacts
  • Windows Digital Forensic - Module 3
  • 001-Registry Explorer
  • 002-RegRipper
  • 003-WRR
  • 004-LinkParser
  • 005-LECMD
  • 006- JumlistExplorer
  • 007-ShellbagExplorer
  • 008-USB Detective
  • 009-Kernel OST Viewer
  • 010-Rifitu
  • 011-Prefetch
  • 012-SRUM
  • 013-Shimcache
  • 014-Amcache
  • Test module 3
  • Module 4: Windows Events
  • Windows Digital Forensic - Module 4
  • 001-System Events
  • Test Module 4
  • Module 5: Windows 10
  • Windows Digital Forensic - Module 5
  • 001-Windows Notifications
  • 002-Timeline
  • 003-BAM
  • Test Module 5
  • Module 6: Browsers Forensics
  • Windows Digital Forensic - Module 6
  • 001-Internet Explorer
  • 002-Firefox
  • 003-Chrome
  • 004-Sqlite
  • Test Module 6
  • Module 7: Analysis of Cloud Storage Agents
  • Windows Digital Forensic - Module 7
  • 001-SQLITE Dropbox Decryption
  • Test Module 7
  • Module 8: Antiforensics
  • Windows Digital Forensic - Module 8
  • Test Module 8
  • REPORTS
  • Digital_Forensic_Technical_Report_template_EN.pdf
  • Digital_Forensic_Expert_Report_template_EN.pdf
  • COMPROMISED NETWORK EVALUATION - OPTIONAL
  • FORENSIC_6
  • FORENSIC_4
  • FORENSIC_2
  • FORENSIC_8
  • FORENSIC_10
Reglas de finalización
  • Todas las unidades deben ser completadas