Information Sharing and Analysis Center

India's leading non-profit foundation advancing national cyber security and professional ethics at workplace

NSD Empaneled

ISAC Certified Forensic Investigator (ICFI)

The ISAC Certified Forensic Investigator is a 24-hour (12-session) live, instructor-led program that covers essential training on handling investigations with Windows and Linux systems. Gain real-world forensic investigation skills with hands-on labs fully hosted on the cloud from Cyberange.

Available on GeM

PROGRAM

Features & Benefits

ISAC Community

  • Get exclusive access to ISAC Community
  • Enhance your profile credibility globally
  • Eligible for NSD Empanelment

30 Days Access to Cyberange Virtual Labs

  • Exclusive labs
  • Real-world scenarios for practice
  • Cloud-based labs with new challenges added every month!

VALUE ADDITION : PROFESSIONAL ETHICS AT WORKPLACE TRAINING AND CERTIFICATION

Get NSD Empanelment Today!

Learn everything you need to get started with forensic investigations.

Course Outcome

  • Explain various computer forensic techniques/phases
  • Demonstrate the knowledge of forensic examination related to Microsoft Windows and Linux artifacts
  • Analyze different disk drives and file systems used in different operating systems
  • Understand anti-forensics techniques
  • Apply various tools during real-world forensic investigations

Module 1 – Digital Forensics: Process, Tools & Techniques and Research Challenges  

  • History of Digital Forensics
  • Stages of Digital Forensics
  • Digital Evidence and its properties
  • Chain of Custody
  • Tools and Techniques in Digital Forensics

Module 2 – Understanding Hard Disks and File Systems (NTFS & Ext4)

  • Disk Drives and their characteristics
  • Understanding Hard Disk Partitions
  • Booting Process in different Operating Systems
  • Slack Space
  • Metadata in NTFS and Ext4 file systems

Module 3 – Data Acquisition: Imaging and Cloning 

  • Hashing and Write Blockers
  • Forensic imaging in Kali Linux using dd, dcfldd, dc3dd
  • Imaging using FTK Imager

Module 4 – File Systems Analysis using TSK  

  • Analyzing disk images using TSK utilities

Module 5 – Windows Forensics

  • Registry Forensics
  • Recycle Bin Forensics
  • Jump List Forensics
  • SRUDB.dat forensics
  • Prefetching in Windows
  • Program Execution Artifacts

Module 6 – Anti-forensics and Anti-anti-forensics

  • Data Hiding into Slack Space
  • Secure Deletion
  • Timestomping

Module 7 – Volatile Memory Forensics

  • Why/What Memory Forensics
  • Volatility Configuration
  • Volatility Analysis
  • Windows Memory Analysis

Module 8 – Linux Forensics

  • Basic Linux Commands
  • File Hierarchy Standard
  • Hunt Users and Groups
  • File Hunting
  • Failed logins and actor IP addresses
  • Timestamps and Deleted files in Journal

Module 9 – Email and Drone Forensics

  • Examining Email messages
  • Email Server Examination
  • Tracing emails
  • Email Forensics Tools
  • Introduction to Drone forensics and challenges

Module 10 – Password Recovery

  • Password Cracking Methods
  • Password Cracking Tools
  • Hashcat for Windows password cracking

Instructors

Dr Bhupendra Singh

ISAC Certified Instructor
Assistant Professor, Dept. of Computer Science & Engg., Indian Institute of Information Technology (IIIT), Pune

You will get weekly assignments and research work to enhance your understanding of the course.

Who Should Attend

The course is best suited for:

  • Security Researchers
  • Students and professionals keen on forensic investigations
  • Security Teams
  • Law Enforcement Agencies
  • Military and police personnel

Examination

24-hour lab exam under the Information Sharing and Analysis Center

What you get

Get 40 days of access to Cyber Range Virtual Labs. Practice with predefined vulnerable applications and the Kali OS distribution in the cloud, in an exclusive private network only for you!

Get access to course videos on the ISAC e-learning portal, updated regularly!

The program includes the Clean Exit Professional Ethics Certification, which is mandatory for empanelment in the National Security Database.

Get listed in the National Security Database program at the Falcon level by completing the program.

40 Days Access to Cyber Range Virtual Labs

The ISAC Forensic Investigator is a fully hands-on program! You get access to Cyber Range Virtual Labs for 30 days. Gain practical knowledge and fundamental skills with multiple vulnerable applications and the Kali OS distribution on the cloud, exclusively for you.
Hands-On Labs