Forensic Analysis: Cybercrime Investigations
Cybersecurity
| Intermediate
- 17 videos | 1h 37m 19s
- Includes Assessment
- Earns a Badge
Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this course
define packet capturing and outline how it relates to CyberOps forensics
define network forensics and describe some types of vulnerabilities
demonstrate the use of packet capturing to gain intelligence from an attack
illustrate how to reconstruct artifacts and files from a PCAP file using Wireshark
define volatile data and identify the possible data contained within
compare available tools used to analyze a computer's memory
demonstrate how to use the volatility framework to process extraction of computer memory
describe the Windows Registry and recognize the valuable information stored within -
navigate the Windows Registry and use it to locate changes made a to system
differentiate between Windows Registry tools and the techniques used for analyzing changes to the registry
differentiate between categories of digital evidence, including computer, mobile, network, and database
outline how to gather digital evidence, including identification, collection, acquisition, and preservation
identify tools available for computer forensic analysis and their features
describe the features of the SIFT computer forensics tool
illustrate how to mount evidence using SIFT
summarize the key concepts covered in this course
IN THIS COURSE
-
1m 36s
-
5m 58s
-
3. Network Forensics6m 1s
-
4. Capturing Network Traffic8m 15s
-
5. Working With PCAP Files9m 9s
-
6. Volatile Data6m 52s
-
7. Memory Forensics Tools6m 40s
-
8. Using the Volatility Framework13m 22s
-
9. Windows Registry4m 14s
-
10. Locating Evidence Within the Registry11m 40s
-
11. Registry Analysis Tools2m 31s
-
12. Categories of Digital Evidence5m 22s
-
13. Gathering Digital Evidence3m 23s
-
14. Computer Forensic Analysis Tools3m 17s
-
15. SANS Investigative Forensic Toolkit (SIFT)2m 16s
-
16. Analyzing Evidence Using SIFT5m 30s
-
17. Course Summary1m 14s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
