Introduction to Computer Forensics (2 Days)
Course Title: Introduction to Computer Forensics
The Introduction to Computer Forensics two day course provides attendees with an improved knowledge of digital forensic examinations, and shows how evidential findings are applied within criminal and civil cases.
The course provides an overview of the tools and techniques used, the types of digital storage media likely to be encountered, and clear explanations of the terminology and software commonly found within cases involving computer evidence. The course also highlights the areas of law most relevant to cases involving digital forensic evidence.
Finally, the course reviews the topics covered in relation to two actual cases. This part of the study assesses the documentary evidence paper trail, the forensic examination, findings, and the eventual outcome of the cases.
The course comprises a more detailed look at topics covered on the one day course, plus further units on additional aspects of digital forensics.
- Introduction to Computer Forensics and Computer Evidence
- Types of digital storage media
- An explanation of common terms encountered in computer evidence cases
- Physical and Logical Partitions
- Explanation and demonstration of file Time/Date Stamps
- An overview of the operation of IP addresses
- Software commonly encountered when dealing with computer forensic evidence
- Practical group demonstration and examination of Peer-to-Peer software
- A review of Stated Cases involving computer forensic evidence
- Review of two case studies to highlight areas covered by the course
Intended learning outcomes:
Upon completion, students should have a fundamental understanding of Computer Forensics, i.e. a basic knowledge of the process, application, and effectiveness of digital forensics, and how resultant evidence can be applied within legal cases.