Understanding Computer Forensics
Why and When Do You Use Computer Forensics?
Cyber Crime (Types of Computer Crimes)
Case Study
Challenges Cyber Crimes Present For Investigators
Cyber Crime Investigation
Rules of Forensics Investigation
Understanding Digital Evidence
Types of Digital Evidence
Characteristics of Digital Evidence
Role of Digital Evidence
Sources of Potential Evidence
Rules of Evidence
Forensics Readiness
Computer Forensics as part of an Incident Response Plan
Need for Forensic Investigator
Roles and Responsibilities of Forensics Investigator
What makes a Good Computer Forensics Investigator?
Investigative Challenges
Legal and Privacy Issues
Code of Ethics
Accessing Computer Forensics Resources
Importance of Computer Forensics Process
Phases Involved in the Computer Forensics Investigation Process
Pre-investigation Phase
Setting Up a Computer Forensics Lab
Build the Investigation Team
Review Policies and Laws
Establish Quality Assurance Processes
Data Destruction Industry Standards
Risk Assessment
Investigation Phase
Investigation Process
Computer Forensics Investigation Methodology: First Response
Computer Forensics Investigation Methodology: Search and Seizure
Computer Forensics Investigation Methodology: Collect the Evidence
Computer Forensics Investigation Methodology: Secure the Evidence
Computer Forensics Investigation Methodology: Data Acquisition
Computer Forensics Investigation Methodology: Data Analysis
Post-investigation Phase
Evidence Assessment
Documentation and Reporting
Testify as an Expert Witness
Hard Disk Drive Overview
Disk Partitions and Boot Process
Understanding File Systems
RAID Storage System
File System Analysis
Data Acquisition and Duplication Concepts
Static Acquisition
Validate Data Acquisitions
Acquisition Best Practices
What is Anti-Forensics?
Anti-Forensics techniques
Data/File Deletion
Password Protection
Steganography
Data Hiding in File System Structures
Trail Obfuscation
Artifact Wiping
Overwriting Data/Metadata
Encryption
Encrypted Network Protocols
Program Packers
Rootkits
Minimize Footprint
Exploiting Forensic Tools Bugs
Detecting Forensic Tool Activities
Anti-Forensics Countermeasures
Anti-Forensics Challenges
Anti-forensics Tools
Introduction to OS Forensics
Windows Forensics
Collecting Volatile Information
Collecting Non-Volatile Information
Analyze the Windows thumbcaches
Windows Memory Analysis
Windows Registry Analysis
Cache, Cookie, and History Analysis
Windows File Analysis
Metadata Investigation
Text-Based Logs
Other Audit Events
Forensic Analysis of Event Logs
Windows Forensics Tools
Linux Forensics
Shell Commands
Linux Log files
Collecting Volatile Data
Collecting Non-Volatile Data
MAC Forensics
Introduction to MAC Forensics
MAC Forensics Data
MAC Log Files
MAC Directories
MAC Forensics Tools
Introduction to Network Forensics
Fundamental Logging Concepts
Event Correlation Concepts
Network Forensic Readiness
Network Forensics Steps
Network Traffic Investigation
Documenting the Evidence
Evidence Reconstruction
Introduction to Web Application Forensics
Web Attack Investigation
Investigating Web Server Logs
Web Attack Detection Tools
Tools for Locating IP Address
WHOIS Lookup Tools
Database Forensics and Its Importance
MSSQL Forensics
MySQL Forensics
MySQL Forensics for WordPress Website Database
Introduction to Cloud Computing
Cloud Forensics
Cloud Crimes
Cloud Forensics Challenges
Introduction to Malware
Introduction to Malware Forensics
General Rules for Malware Analysis
Types of Malware Analysis
Analysis of Malicious Documents
Malware Analysis Challenges
Email System
Email Crimes (Email Spamming, Mail Bombing/Mail Storm, Phishing, Email Spoofing, Crime via Chat Room, Identity Fraud/Chain Letter)
Email Message
Steps to Investigate Email Crimes and Violation
Email Forensics Tools
Laws and Acts against Email Crimes
Mobile Device Forensics
Why Mobile Forensics?
Top Threats Targeting Mobile Devices
Mobile Hardware and Forensics
Mobile OS and Forensics
What Should You Do Before the Investigation?
Mobile Forensics Process
Writing Investigation Reports
Expert Witness Testimony
Dealing with Media