Course Overview
This training teaches from lifting the chain of custody, to processing and searching for digital evidence on Windows, Linux and Mac. From analyzing metadata to analyzing processes in RAM or Recovering deleted information.
Who should attend
- Internal auditors
- Public Security Agencies and ▪Investigation
- Law enforcement
- Security Officers
- Security Analysts
- Professionals who need to protect their systems
Prerequisites
- Network and Linux knowledge
- Knowledge on microsoft active directory platform
- Previously take G | SIA training
Course Objectives
- Lift digital evidence to be used in court
- Make a forensic analysis on different platforms, but with a focus on Windows 7/8/10 and Windows 8, Windows 10, Windows Server 2008/2012/2016
- Analyze attacks against windows, Linux and OSX platforms even if the information was deleted
- Identify malware and advanced attacks in memory
- Make research on smartphones
- Create an expert report with evidence that can be presented in court