Difseco Training DIF01 Digital Forensics Foundations
About the Course
Digital Forensics Foundations (DIF01) is a beginner-level course, designed for participants who are unfamiliar with the principles of digital forensics.
Course Information
LESSON 1: DEFINITION OF DIGITAL FORENSICS
Digital Forensics Process
Standard Policies and Procedures
Chain-of-custody
Case Managment Overview
LESSON 2: UNDERSTANDING BIT AND BYTES WITHIN DATA STORAGE
Understanding Bits n Bytes
Hexadecimal (HEX)
Conversion between Hexadecimal, binary and decimal
ASCII
Unicode
LESSON 3: BASICS WITHIN WINDOWS OPERATING SYSTEM
The Basics of Terminology
Physical versus Logical file size
File Systems quick overview
FAT (File Allocation Table)
FAT Volume File Slack
NTFS (New Technology File System)
Volume Bitmap $Bitmap within NTFS Volume
Master File Table $MFT within NTFS Volume
LESSON 4: FORENSICALLY SOUND ACQUISITION CONCEPT
Considerations and Approach
Evidence File Formats
Raw Images
Evidence File Formats
Cyclical Redundancy Check (CRC)
Evidence File Format and Structure
Hashing and Verification
LESSON 5: DIGITAL FORENSICS INVESTIGATION
Case Setup using Magnet Forensics AXIOM Process
Evidence Source Types
Artifacts
Navigating Magnet Forensics AXIOM Examine
Digital Forensics Investigation Checklist and Overview
LESSON 6: CLOSING THE INVESTIGATION
Things to consider
Creating the Report
Exporting and External Review
Magnet Forensics AXIOM REVIEW
Additional Information
Who Should Attend:
Participants who are unfamiliar with the principles of digital forensics
Advanced Preparation:
None
Program Level:
Beginner-level
Delivery Method:
Live & Online
Additional Information:
Lunch and refreshments are included for all Live classes