EnCase v6 Computer Forensics Philippines
Saved (0) | History (40)
Categories |

EnCase v6 Computer Forensics

1682 views | 0 post
Expire On: January 5, 2010 04:20PM

Advertisement Details

EnCase v6 Computer Forensics
Advertisement ID :
807541
Category : Computers and Software
Location : Mandaluyong City, Metro Manila
Ads Classification : Establishment
Address : unit 107 g/f, beacon plaza. cor.ideal st, shaw blvd mandaluyong city
Date Updated : 2 days, 14 hours ago (posted October 21, 2008)
Short URL : http://sulit.com.ph/807541

[ Save Ads | Get Embed Code | Bookmark | Twitter | Tell a Friend | Report ]

Description

"Global Knowledge IT Provider"
EnCase® v6 Computer Forensics
Inclusive of Training Materials,

 Certificate and AM/PM Snack and Lunch)
Venue:unit 107 g/f, beacon plaza. cor.ideal st, shaw blvd mandaluyong city
CPE credits: 32 | Level: Introductory | Prerequisites: Basic computer skills. Advance preparation for this course is not required.
This hands-on course involves practical exercises and real-life simulations. The class provides participants with an understanding of the proper handling of digital evidence from the initial seizure of the computer/media to acquisition, and then progresses to the analysis of the data. It concludes with archiving and validating the data. Delivery method: Group-Live.

Students attending this course will learn the following:
What constitutes digital evidence and how computers work
An overview of the EnCase Computer Forensic Methodology
Basic structures of the FAT and NTFS file systems
How to create a case and how to preview/acquire media
How to conduct basic keyword searches
How to analyze file signatures and view files
How to restore evidence
How to archive files and data created through the analysis process
How to prepare evidence for presentation in court
How to verify the evidence file
WHO SHOULD ATTEND
This course is intended for IT security professionals, litigation support and forensic investigators Participants may have minimal computer skills and may be new to the field of computer forensics.
DAY 1 OUTLINE
DAY 2 OUTLINE
ØEnCase Concepts
·Case File
·Evidence File
·Case File Backup
·Configuration Files
ØWhat constitutes Digital Evidence
·Computers as an instrumentality of the crime
·Computers as a repository of evidence
·Examples of mediums of storing digital evidence
ØHow Computer Works
·Power Sequence
oBIOS
oPOST
oEtc.
·Bits/Bytes/Hex/Binary
ØEncase Navigation
ØDiskette Preview / Acquisition
·Create Case
·Options
Day one provides an understanding of the proper handling of digital evidence from seizure to acquisition. Students receive a basic overview of how computers function, as well as the constitutes digital evidence
ØNTFS/FAT File Systems
·How these file systems track data
·What happens when a file is created
·What happens when a file is deleted
ØCreating a Boot Disk
·Why a forensically sound boot disk is needed
·Components of a forensically sound boot disk
ØHard Drive Preview and Acquisitions
·Physical disk versus logical drive
·Fastbloc
·DOS based via disk to disk
·DOS based via crossover cable
ØCreation of Keywords and Searching
·Global versus Case Specific
·Selecting Keywords
·Selecting where/what to search
·Viewing results
ØBookmarking/Preserving Findings
·Highlighting sections of data
·Pointing to file(s)
Day two begins with a discussion of the FAT file systems as well as an overview of the NT file system. Hard disk acquisition is covered, using both a forensically sound boot diskette, as well as a hardware write blocking device. Attendees will learn how to properly preview a computer system prior to acquisition, as well as explore keyword searching and bookmarking of relevant data.
DAY 3
DAY 4
ØFile Types
·Icons/Description column
ØBookmarking Techniques
·Pointing to file(s)
·Comments
·Organizing Report
ØSignature Analysis
·Search Button
·All or Selected
·Compares Extension to Header
·Interpreting results
ØInstalling External Viewers
·Link Application to EnCase
·Can link file extensions to Application
ØCopy/Unerase Options
ØRestoring Evidence
ØReacquiring an Evidence File
·Don't need original hardware to change options
·Quick Reacquisition
Day three includes more complex bookmarking of data, and examination of file signatures to accurately identify file types. Attendees will install external viewers within EnCase and learn how to copy data from within an evidence file. Students learn how to
restore an evidence file back to physical media and reacquire an evidence file with different options.
ØArchiving/Reopening an Archived Case
·What to archive
·Specify path to EnCase of Evidence file to reopen case
ØVerification of Evidence File
·Change 1 bit; EnCase detects change
·Manually re-verify at any time
ØTimeline
·Define four Date/Time stamps
ØWindows Artifacts
·User Accounts
·Recently Accessed Files
·Internet Cache
·Desktop/My Documents
ØSearching Unallocated Space
·Use file header for image
·Display image
Day four explores how to archive a completed case, as well as how
to reopen this case if needed in the future. Attendees will observe
how EnCase can detect and identify any changes to the content
of an evidence file, as well as take a detailed look at the Timeline
view within EnCase. Pertinent areas of interest within the Windows
operating system and user accounts are explored as well as locating
data in unallocated space.
EnCase® v6 Computer Forensics II on dec 14-17 2009
Fee: $1,200.00 12%VAT(Inclusive of Training Materials, Certificate and AM/PM Snack and Lunch)
Venue:unit 107 g/f, beacon plaza. cor.ideal st, shaw blvd mandaluyong city
CPE credits: 32 | Level: Intermediate | Prerequisites: EnCase® Computer Forensics I. Advance preparation for this course is not required.
This hands-on course is designed for investigators with strong computer skills, prior computer forensics training, and experience using the EnCase forensic software. This course builds upon the skills covered in the EnCase Computer Forensics I course and enhances the examiner's ability to work efficiently through the use of the unique features of EnCase.
*Students must understand evidence handling; the structure of the evidence file; creating and using case files; data acquisition methods including DOS based, hardware write protected, crossover cable and disk to disk; recovering deleted files and folders in a FAT environment; keyword searches across logical and physical media; creating and using EnCase bookmarks; file signatures and signature analysis; and locating and understanding Windows® artifacts. Delivery method: Group-Live.

Focusing on investigations common to the private sector, students will learn about the following:
How to create and use of logical evidence files
How to locate and recover deleted partitions and folders
How to conduct keyword searches and advanced searches using GREP
Students will gain an understanding of the EnCase Virtual File System (VFS) and Physical Disk Emulator (PDE)
Students will learn about the Windows® Registry
Students will learn how to deal with compound file types
How to export files, directories and entire volumes
How to identify files using hash values and building hash libraries
How to identify Windows XP operating system artifacts such as link files, recycle bin, and user folders
How to prepare reports and evidence for presentation in court
How to recover artifacts such as swap files, file slack, and spooler files
How to recover printed and faxed pages
WHO SHOULD ATTEND
This course is intended for IT security professionals, litigation support and forensic investigators. Participants should have attended the EnCase Computer Forensics I.
DAY 1
DAY 2
ØHow the EnCase Evidence File is Stored and Verified
ØEncase Forensic Edition Overview
·Data flow
·Navigating EnCase
ØLogical Evidence Files
·What are they?
·Why would I use them?
·How to create them
ØSingle Evidence Files
·What are they?
·Why would I use them?
·How to create them
ØSoftware Write Protection
·Fast Bloc SE
ØIntroduction to NTFS
·Understanding the Windows® New Technology File System
ØHandling Formatted or Repartitioned Media
ØPartition recovery
·Folder Recovery
Day one provides an understanding of EnCase concepts. Students will learn how an evidence file is acquired, verified, added to a case, and stored. They will learn how to create and use logical evidence files and single evidence files. Students will receive hands-on imaging training using FastBloc SE.
ØHash Analysis
·Using file hashes to improve accuracy and efficiency
ØCompound files
·An overview of compound files
·Mounting compound files
·Searching compound file types
Ø- Windows Registry
·Appropriate keywords
·How EnCase searches the evidence file
ØVFS / PDE
·Using Virtual File System
·Using Physical Disk Emulator
ØUsing GREP to focus searches. GREP allows the examiner to create concise keywords using control characters, reducing false positives and increasing efficiency.
Day two introduces the students to the process of analyzing the evidence. The hashing of files both as a means of identification and as a tool to speed up the searching process is covered.
Students also take a first look into the Windows Registry and learn how, why and when to use VFS and PDE. We continue to build on the students' skill sets, moving from general keyword
searches and file type analysis to advanced keyword searches using GREP.
DAY 3
DAY 4
ØQuickly locating file system artifacts unique to the NTFS file system
ØDe-constructing link files to reveal artifacts that indicate the who, what, when and where of file manipulation.
ØE-mail recovery and examinations including Microsoft Outlook, Outlook Express and
Øweb based e-mail.
ØRecovering and analyzing e-mail attachments
ØInternet history concepts and analysis using Internet Explorer
ØUnderstanding and recovering documents that have been printed
ØRecycle Bin analysis to reveal important information about deleted files
Day three moves to specific analysis of common artifacts that cannot normally be locatedthrough keyword searches. This analysis can often provide vital information to investigations by
revealing data that can provide a clear indication of a user's activities. We look at how EnCase handles common e-mail files and Internet history.
ØHandling and acquiring Flash Memory and artifacts
ØReporting
·How and what to report after the investigation is completed
·Using bookmarks we created to prepare a written report within the EnCase interface
·Exporting the report in an HTML or other format
On day four students learn how to utilize all of the techniques from the previous days to create a
readable, coherent report using EnCase.
GLOBALKNOWLEDGE PHILIPPINES, INC.
unit 107 g/f, beacon plaza. cor.ideal st, shaw blvd mandaluyong city
                   Tel No. 721-4380/393-8400






Tags: extrem ccna program, building scalable cisco internetworks, bgp border gateway protocol, cisco wireless lan advance topic, cisco ace family,

Automatic Keywords: encase forensic version 6 download, encase 6 rapidshare, download encase forensic, encase forensic rapidshare, download encase v6, encase v6 download, virtual forensic computing rapidshare, encase v6 rapidshare, encase 6 download, encase rapidshare

Posted By

Posted by : stanleyvillaflor
Member Since : October 20, 2008
Last Login : 2 days, 15 hours ago
Feedback : no feedback yet

Contact Details

Address : , Metro Manila - Mandaluyong City
Contact Nos. : 721-4380, 09286761481
Look For : stanley


Advertisement Discussion

Leave a message for the advertisement owner here (for members only). [ RSS Discussion RSS Feeds ]

No Public Message Yet

Disclaimer: Sulit.com.ph does not control the content posted by members and therefore assumes no responsibility and disclaims any liability for any consequence relating directly or indirectly to any action or inaction you take based on the content, information, services or other materials found in this system [ more details ]

[ Back to top ]
Go To: Advertisement Details | Description | Posted By | Contact Details | Advertisement Discussion
Home > All Categories > Establishments / Business Locator > Computers and Software

  • Batanes Photo Safaro | Talks / Workshops / Seminars | Paid
  • Buying Cars-for PERSONAL USE-US DOLLAR IN PAYMENT | Cars / Sedan | Wanted to Buy
  • SALES MANAGER.SALES CONSULTANT | Marketing / Sales | Available Jobs
  • Gateway Netbook | Computers | For Sale | P 19,000.00
  • GUITAR FOR SALE 1,5k | Musical Instruments | For Sale or Swap | P 1,500.00
  • GUITAR FOR SALE 1,5k | Musical Instruments | For Sale or Swap | P 1,500.00
  • UTHENTIC LOUIS VUITTON SPEEDY 25 IN BLUE EPI LEATHER | Luggages / Bags | For Sale | P 30,000.00
  • FOR SALE: HEAVY DUTY STEEL CAGE W/ MATTING FOR 4K OR SWAP W/ 2X3 TWO-DOOR ALUMINUM CAGE... | Accessories and Other Pet-related Items | For Sale or Swap | P 4,000.00
  • Advertising Business - 60 days ROI - $15000 Per Week Guaranteed Income | Investors | Wanted
  • VICTORIA'S SECRET GRAFITTI CLEAR TOTE BAG | Luggages / Bags | For Sale | P 1,500.00
  • n70 music edition 4.2k with pics!! | Cellphone / Cellular / Mobile Phone / Smartphone | For Sale | P 4,200.00
  • BULGARI ROSE ESSENTIELLE...VERY REASONABLE AND AFFORDABLE PERFUME MADE IN SINGAPORE | Health and Beauty | For Sale | P 1.00
  • AUTHENTIC CHANEL TOTE BAG ON SALE! | Luggages / Bags | For Sale | P 58,000.00
  • **********ladies must have this. | Bath / Cosmetics | For Sale
  • CPAP REMstar plus M series machine | Health and Beauty | For Sale | P 43,000.00
  • For sale or swap 97 toyota corolla | Cars / Sedan | For Sale or For Swap | 6 posts | 671 views
  • Looking For: any Laptop/Notebook (cheap and rush only) | Notebooks / Laptops | Wanted to Buy | P 10,000.00 | 2 posts | 22 views
  • FEMALE PRINCESS SHIH TZU PUPPY 8K | Dogs | For Sale | P 8,000.00 | 1 post | 97 views
  • DUMPTRUCK FUSO 8DC11. | Trucks / Trailers / Buses | For Sale | 1 post | 259 views
  • Fighting cock | Birds | For Sale | P 2,000.00 | 3 posts | 1363 views
  • FS:15inch mags for crv 97mdl 4pcs for only 6k rush!.. mags only no center caps. | Accessories / Parts for Cars / SUVs / Trucks / Vans | Others | P 6,000.00 | 9 posts | 502 views
  • BUYING: Dual Core Laptop RUSH | Notebooks / Laptops | Wanted to Buy | P 14,000.00 | 2 posts | 50 views
  • Try B4 You PAY: EPSON RESETTER for R230/T10 | Information Technology | Offered | P 60.00 | 20 posts | 3048 views
  • CPU Gaming set Intel Dual Core w/ 2ghz ddr2 mem | Desktops | For Sale | P 8,500.00 | 5 posts | 163 views
  • COMMERCIAL SPACE suitable for Salon, Retail, Drugstore, Bayad Center | Commercial / Industrial | For Rent / Lease | P 14,000.00 | 9 posts | 1981 views
  • Lil truck"fuego LS 00" | SUVs / AUVs / MPVs / Jeeps / 4WDs | For Sale | P 400,000.00 | 4 posts | 727 views
  • Healthplan Clerk Needed Immediately!!! | Local | Available Jobs | 1 post | 47 views
  • Siberian Husky Breeder | Dogs | For Sale or Swap | P 20,000.00 | 5 posts | 167 views
  • honda wave 2007 | Motorcycles / Scooters | For Sale | P 17,000.00 | 1 post | 227 views
  • Desktop CPU only!! rush!! 7k. repriced!! | Desktops | For Sale or Swap | P 7,000.00 | 1 post | 376 views
  • 98m honda crv m/t 358k | SUVs / AUVs / MPVs / Jeeps / 4WDs | For Sale | P 358,000.00 | 0 post | 613 views
  • Investing your 2.966 Million with fast ROI | Networking - MLM | Offered | 1 post | 75 views
  • For sale condo at Pasig | Apartment / Condominium | For Sale | P 1,400,000.00 | 0 post | 52 views
  • T-shirts | Clothing and Accessories | For Sale | P 94.00 | 1 post | 123 views
  • GOOD HEALTH & FINANCIAL EDUCATION. . . @ THE SAME TIME!! | Networking - MLM | Offered | 1 post | 353 views
  • White light - the worlds best and 1st sublingual glutathione! | Skin Care | For Sale | P 1,900.00 | 3 posts | 5829 views
  • ANTIPOLO - Murang Bahay! Thru Pag-IBIG.. P9616/month lang!! Murang Mura At Sobrang... | House | For Sale | P 1,168,000.00 | 0 post | 2196 views
  • Neem Lotion : Herbal Insect Repellant - NO DEET Safe for Kids! 250ml | Skin Care | For Sale | P 320.00 | 2 posts | 686 views
  • Bag manufacturing and printed umbrellas (for promos and other purposes) Guaranteed... | Souvenirs and Giveaways | For Sale | 22 posts | 9170 views
  • ►►►Certified Legit Online Jobs Work From Home For the Filipinos Worldwide | Internet / Online Programs | Offered | 117 posts | 25662 views
  • Charmed Shih Tzu Pups | Pets | For Sale | P 12,000.00 | 6 posts | 646 views
  • 19" HannsG HX191D Monitor with DVI color black | Monitors | For Sale | P 4,500.00 | 0 post | 44 views
  • SELLING MY RAGNAROK ACCOUNT NEW CHAOS W/ MYLU AND EMAIL | Toys, Video Games and Related Items | For Sale | P 3,000.00 | 0 post | 3643 views
  • █►1.47M!! RENT TO OWN! P15k/MO CYPRESS CONDOMINIUMS IN TAGUIG. UNITS STILL... | Apartment / Condominium | For Sale | P 1,446,000.00 | 9 posts | 40091 views
  • Work 24-7...CAN YOU? | Other Business Opportunities | Others | 28 posts | 1114 views

Download Sulit.com.ph Toolbar

Sulit.com.ph Toolbar

Help Us Spread the Word About Sulit.com.ph

If you have a website or blog, you can help us spread the word about our great community here. More people discovering our community means more people viewing your ads and more possible clients. You can use the HTML code below to display the Sulit.com.ph Banner.
Buy and Sell Philippines : Sulit.com.ph

Who is Online Online Users

13483 users online: 932 members [ view all ] and 12551 guests

[ Back to top ]
Register Now
Post a Free Ad
Premium Ads
Featured Item/Member
Shout Ads
Shout Your Ads
kinkin
earn $10 up to $1000 a month want to know how just click [view]
9 minutes ago
golbi
Your MLM business need NOT to be TOO EXPENSIVE! P400 is ENOUGH!!! [view]
10 minutes ago
eilrahcPRO
Food Cart Franchise.. [view]
10 minutes ago
eilrahcPRO
Need Extra Income?? Read This ! [view]
10 minutes ago
zillionmax
Online Advertising - 60 days ROI - $15000 Per Week Guaranteed Income [view]
17 minutes ago
cproperties
█► FOR SALE ** 1.27 HECTARES LOT ** MULTINATIONAL PQUE ◄█ [view]
21 minutes ago
sheservices
baradong CR? call for free inspection&estimate! pozo negro siphoning/de clogging [view]
24 minutes ago
LevelUp
█►Napaka Simpleng Extra Income Nasa Bahay lang Gamit ang computer◄█ [view]
38 minutes ago
alila
UNLIMITED cPanel Reseller 3000/year [view]
39 minutes ago
cproperties
█► FOR SALE ** 1.27 HECTARES LOT ** MULTINATIONAL PQUE ◄█ [view]
46 minutes ago
beachside
CHEAPEST!!! Nature's Way Alive! only P450 (90vcaps) plus $5 discount [view]
52 minutes ago
angeliavenido
TAX PROBLEMS? Free consultation call/txt 09212333173, 09202677397, (02) 4929017 [view]
1 hour, 5 minutes ago
cproperties
█► FOR SALE ** 1.27 HECTARES LOT ** MULTINATIONAL PQUE ◄█ [view]
1 hour, 17 minutes ago
angeliavenido
TAX PROBLEMS? Free consultation call/txt 09212333173, 09202677397, (02) 4929017 [view]
1 hour, 21 minutes ago
kuyamau
kuya mau of maupets puppet show host magician [view]
1 hour, 27 minutes ago
scja16
Wholesale fashion dress @ lowest price [view]
1 hour, 35 minutes ago
mallarim96
staying power of a lip and cheek tint,click me [view]
3 hours, 13 minutes ago
cproperties
█► FOR SALE ** 1.27 HECTARES LOT ** MULTINATIONAL PQUE ◄█ [view]
3 hours, 28 minutes ago
ritzylifestyle
Personalized Giveaways and Souvenirs! [view]
3 hours, 30 minutes ago
ameshen
Look Younger in 10 minutes !!! [view]
4 hours, 11 minutes ago
News / Announcements
More News / Announcements
Sulit Statistics
Total Members: 522895
Registered Last 24 Hours: 567

Total Ads Posted: 1754853
Posted Last 24 Hours: 2070

Total Ads Messages: 1886476
Posted Last 24 Hours: 2326

Total Private Messages: 3273438
Sent Last 24 Hours: 4137

Total Forum Posts: 2771275
Posted Last 24 Hours: 3870

Updated every 5 minutes
Follow Sulit.com.ph on Twitter
Sulit.com.ph
Proudly Pinoy
EnCase v6 Computer Forensics extrem ccna program, building scalable cisco internetworks, bgp border gateway protocol, cisco wireless lan advance topic, cisco ace family, - Computers and Software Mandaluyong City Metro Manila encase forensic version 6 download, encase 6 rapidshare, download encase forensic, encase forensic rapidshare, download encase v6, encase v6 download, virtual forensic computing rapidshare, encase v6 rapidshare, encase 6 download, encase rapidshare Philippines