Computer crimes call for forensics specialists, people who know how to find and follow the evidence. This course examines the fundamentals of system forensics, such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. In this course, you will learn about computer crimes, forensic methods,and laboratories and addresses the tools, techniques,and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.

In addition to premium instructional content from Jones & Bartlett Learning’s comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized “virtual sandbox” learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice “white hat” hacking on a real IT infrastructure-these are not simulations. Winner of the “Security Training and Educational Programs” top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry’s leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 200 hours of training exercises on how hackers and perpetrators use these applications and tools.


This course covers content within the following industry certification exam:

  • Certified Information Systems Security Professional (CISSP) – two content domains covered

Course duration:

5 days

 What You’ll Learn

  • The role of computer forensics in responding to crimes and solving business challenges
  • System forensics issues, laws, and skills
  • Purpose and structure of a digital forensics lab
  • Evidence life cycle
  • Procure evidence in physical and virtualized environments
  • Impact of sequestration on the evidence-gathering process
  • Collect evidence in network and email environments
  • Automated digital forensic analysis
  • Report investigative findings of potential evidentiary value
  • Constraints on digital forensic investigations

Who Needs to Attend

  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • People who decide which information technology and cybersecurity products to acquire for their organization


General knowledge of networking and management information systems

Course Outline

1. The System Forensics Landscape

  • Introduction to Forensics
  • Overview of Computer Crime
  • Forensics Methods and Labs

2. Technical Overview: System Forensics Tools, Techniques, and Methods

  • Collecting, Seizing, and Protecting Evidence
  • Understanding Information-Hiding Techniques
  • Recovering Data
  • Email Forensics
  • Windows Forensics
  • Linux Forensics
  • Mac Forensics
  • Mobile Forensics
  • Performing Network Analysis

3. Incident Response and Resources

  • Incident and Intrusion Response
  • Trends and Future Directions
  • System Forensics Resources


Lab 1: Perform a Byte-Level Computer Audit

Lab 2: Apply the Daubert Standard on the Workstation Domain

Lab 3: Create a Forensic System Case File for Analyzing Forensic Evidence

Lab 4: Uncover New Digital Evidence Using Bootable Utilities

Lab 5: Automate Digital Evidence Discovery Using Paraben’s P2 Commander

Lab 6: Apply Steganography to Uncover Modifications to an Image File

Lab 7: Decode an FTP Protocol Session and Perform Forensic Analysis

Lab 8: Automate Image Evaluations and Identify Suspicious or Modified Files

Lab 9: Craft an Evidentiary Report for a Digital Forensics Case

Lab 10: Perform an Incident Response Investigation for a Suspicious Login