Tiger Scheme Computer Forensic Investigator (CFI)
Tiger Computer Forensic Investigator (CFI)
« February 2012 »
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|
| | 1 | 2 | 3 | 4 |
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | |
A 3 day course designed for anyone who performs computer forensics investigations.
CFI Course available soon....
Please contact
emmie@encription.co.uk
if you wish to be placed on the waiting list. Thank you
More Information
Course Objectives
- Legal knowledge
- Understanding customer requirements
- Scoping of forensic investigation
- Planning and management of engagements
- Risk management throughout engagements
- Use of a suitable forensic investigation platform
- Compliance with current best practice guidance
- Physical considerations
- Analysis of artefacts
- Understanding of case limitations
- Preparation and presentation of forensic analytical results to both non-technical and technical audiences.
Key Points covered
- Relevant ACPO Guidance
- Forensic Imaging
- Data Carving Techniques
- Virtual Environments
- Audit Logs
- Malware Artefacts
- Live Memory Analysis
- Write Blocking
- Logical/Physical Acquisition
- File Analysis
- Operating System Differences
- File Partitions
- Master Boot Record and EFI
- NTFS, FAT16, FAT32, HFS, EXT3 and EXT4
- RAID
- Microsoft Office
- Pictures (JPEG, TIFF, GIF, etc)
- Postscript (PS)
- Executable (COEFF and ELF) and libraries (DLL and SO)
- Movie (AVI and MPEG)
- Web (HTML)
- XML and SGML
- Scripts and Batch files
- Command Files
- Shortcuts (*.Ink etc)
- Recycle Bin (INFO2 etc)
- File structures and Access Control Lists, including:
- Access Rights
- Creation, modification and access times
- Slack Space
Login
