Digital Forensics Workshop

No matter how much we invest in security there is no guarantee that information system shall be completely secure.

However, RNTrust decreases such danger to the lowest possible level by introducing computer forensics systems and providing advice about its utilization.

Computer forensics is defined as gathering, protection and analysis of evidences in digital form as well as their presentation as material evidence in later court procedures. In cooperation with the leading forensics software companies we implement computer forensics systems, equip and setup forensics laboratories and provide profession education.

Such approach to computer forensics allows our clients easier investigation of attacks on computer systems by monitoring work of all company’s computers and recording exchange of electronic documents in great detail. By using different platforms, users are able to image a computer disk that is under investigation and to search it according to specific traces of an operative system and key words (as opposed to normal search by key words, different tools allow searching for deleted files, unallocated disc space, temporary files, swap files, File Slack, resident files in Master File Table, as well as .zip or similar files). Furthermore, automatic reporting is also available. The generated reports can be presented as evidence documentation.

Upon implementation of different solution platform, we have become a key reference for computer forensics in Croatia and in the Region.

Digital  forensics consists  of collection , analysis and presentation of evidence that can be found on PC, Servers, Computer networks, Databases, Mobile devices and any other  data storage electronic device .It exists  since the early days of data storage on computers including storage of  data that can be used  as evidence. For a long time, it was used only in Government agencies, but recently it has become a common practice in Private sector.

Owing to its complexity, Digital forensic should be divided into several Branches. With resulting need for specialization of forensic experts for every separate branch, it’s broadly divided into –

  • Computer Forensics
  • Mobile devices forensics
  • Internet forensics
  • Network forensics
  • Database forensics 

RNTrust Workshop options allow you to create a custom training program for any group of 5 students or more, anywhere in the world.

With options for commercial groups and government organizations, private information security workshop will be specifically designed to meet your needs using top technology and instruction. At the end of each course, all participants will take an exam and after successful completion will be given an official certificate with CPE points for passing the course.

We bring our world-class courses to your location so you can conveniently train your team. With an assigned Account Manager, we will work with you one on one to ensure you receive the quality workshop experience you know and expect from us.

For further information, please contact us at workshop@rn-trust.com or call 800-RNTrust (7687878).


Approach and Methodology

In order to ensure excellent experience and workshop environment, we have a fully equipped classroom in which workshop courses are held. Each course can be attended by minimum 3 participants and maximum 15 participant’s .If required by client, we are able to deliver tailor made courses at client’s premises also .Participant attendance is carefully monitored and after completing the course each participant is awarded with appropriate certificate. 


Courses

Whether you're new to the field, a seasoned professional, or an experienced leader in the industry, our course will deliver the knowledge you need, along with relevant & practical hands-on skills you can use immediately.

We offer a number of workshop programs in the field of digital forensics, which are not related to specific product but with the aim to cover various principles and procedures of digital forensic. These workshops are enhanced and modified on a regular basis, in line with the latest developments in digital forensic and computer security. This approach offers a comprehensive overview of all the digital forensics and enables the attendees to acquire knowledge for further independent work.


General Courses

Computer Hardware / Duration 1-2 days

The goal of this workshop is to provide general knowledge of PC components that are the subject of every investigation in the field of digital forensics. Having a good understanding of components that can be found in desktop computers, servers, laptops and all peripherals are must for every digital forensics investigator. Attendees will go through o series of hands on exercise, handle, dismantle and put back together almost every PC component. They will gain understanding of basic tools and procedures in this area and gather useful references for further education in the field.

Digital Forensics / Duration 3-5 days

It’s a course that presents fundamentals of computer forensics. Understanding forensics artifacts and advanced forensic capabilities is an essential component of information security .This workshop is designed for computer forensics professionals .It guides students   through fundamental workshop tasks with close assistance of coaches, with student to teacher ration not greater than 8:1. The training will provide knowledge of computer architecture, hardware devices and interfaces, storage media organization, file systems, Microsoft window operating system artifacts and forensic methodology to the participants.

Mobile Forensic / Duration 3-5 days

This course can be Basic /intermediate/ advanced as per client requirements. It covers all the essentials you will need to get started in mobile forensics using various tools. The information provided is extensive and covers all aspects of SIM Cards, Memory Cards, and feature phone, GPS Navigation device, Smartphones, IOS application, Android application etc.

Linux Forensic / Duration 5 days

This course will provide participants the knowledge of Linux operating system, comparison with Microsoft windows operating system, Linux distributions, Basic commands and system variable .Participants will learn how to perform forensic steps and how to collect and properly analyze data under Linux operating system .Course will cover essential components and main areas of the operating system (LINUX kernel essentials, Service start up, Scheduled jobs, Processes). Finally participants will learn about the concepts of forensic analysis Linux – based system: retrieving operating system details, description of system setup including review of system environment, user of the system & protected areas (jails and sandboxes).

Internet Forensic / Duration 4 days

This program is designed to provide participants with basic knowledge of the internet, computer networks, web browsers, email, cloud computing and wireless technology along with forensic analysis of internet artefacts. Through a combination of lectures , instructor led  and independent  hands on practical  exercises, participants will learn  the underlying principles  of computer networks and enhance  their ability to conduct  forensic examinations  of the popular software’s clients used on the internet  today, for both law and un law purposes. The course will cover the following topics: Network fundamentals, the Domain Name system, World Wide Web or Internet Fundamentals, Web browsers, Email Tracing and Peer to Peer networks, Cloud services and Home Wireless Networks.

Mac Forensic / Duration 5 days

This course will provide participants with the basic knowledge of Mac forensics. The course starts with Apple and Mac history, presentation of course with purpose, methodology and contents. It is important to examine Mac Data. The course will cover HFS +   and MAC OS volume structure. Participants will learn to examine Macintosh disks and disk images and how to examine encrypted disk images. They will also become familiar with MAC OS X operating system artifacts, other OS settings and user specific Mac OS X operating system artifacts.

Triage Procedures / Duration 5 days

Triage is the process of reviewing data to determine the appropriate action based on the severity of the situation and the importance or relevance of the data. In this course, participants will learn all about triage procedures, from arriving from the crime scene to the complete triage data on the target machine in just few minutes. The aforementioned skills are critically important in situations when time is the essence. Participants will also learn how to work with the most popular tools for digital forensic evidence triage.

Window Forensic / Duration 5 days

The program is designed to provide participants the detailed study of windows operating system. This will be done through a variety of lectures, instructor-led and independent on practical exercise and independent laboratory activities. Participants will study the windows operation system in more detail and more specifically dealing with critical forensic focus. This program will focus on how the windows operating system works “under the hood” so that participants have a better understanding of how various operating system artifacts are created, why certain artifacts appear and how these artifacts can be leveraged for forensic and investigative purposes.

Live Data Forensics / Duration 5 days

This course will give participants an insight into the domain of live data forensics, including memory data from a running machine. The course starts with hand overview of live data forensic concepts and their relevance. The main objective is to show how to acquire RAM from running computer and how to analyze it thoroughly, how to process Windows, Linux or a MAC system, how to analyze network traffic, open ports, established connections and system process. Furthermore there is a section covering  malware analysis  from a RAM dump  which stimulates full case scenario  .This is an advanced  course , mostly providing  very brief theoretical overview  and requiring comprehensive  knowledge  of windows system and networking .


Tailor made Course

In addition to standard workshop programs presented so far, RNTrust also offers wide range of management and skill based courses that can be tailored to meet the client’s needs . Tailor made courses provide the customer with an opportunity to fully focus on their learning and development needs, specific to their company culture and strategic goals. Our partners can develop a competency – based hands on workshop program that will be ideal for the client specific environment. With interested customer, we can offer specific skills, strategies and appropriate delivery style to achieve the objectives, develop the content, design exercises and activities for active participation and follow up.  Customization also includes adjustment of workshop duration in order to meet client’s goals and expectations.


Specific Course

Based on so many years of experience with providing various courses in the field of Digital forensics, we have developed some specialized course. They were created based on our extensive experience and collaboration with a number of clients who required and requested additional skills to be developed for their experts. At the end of the each course, all participants will take an exam and after successful completion will be given an official certificate with CPE points for passing the course. Few of the courses are:

  • Advanced JTAG Mobile Forensic

  • Window 10 Forensic

  • Network Forensic Basic

  • Scripting for Digital Forensic Investigator (SCRIPT)

  • Password recovery workshop

  • Train the Trainers

  • Managing Digital forensic Lab

  • Malware ForensicsOpen Source Intelligence (OSINT)

  • WIFI Exploitation

WORKSHOP PROGRAM DATE:


INCIDENT RESPONSE - 29/09/2019 - 03/10/2019  

BOOK NOW

 


WINDOWS FORENSICS - 06/10/2019 - 10/10/2019

BOOK NOW

 


OPEN SOURCE INTELLIGENCE (OSINT) - 13/10/2019 - 17/10/2019

BOOK NOW

 


NETWORK FORENSICS - 20/10/2019 - 25/10/2019 

BOOK NOW

 


PKI SECURITY - 27/10/2019 - 28/10/2019

BOOK NOW

 


 

FAQ Questions

  • Who should attend the course?

The course should attend law enforcement members, digital forensics investigators and others that want to learn how to correctly respond to incidents that involve digital evidence.

 

Workshop Competencies

Our trainers are experienced consultants in digital forensics department. They are responsible for client education, research and development of forensic tools. All our trainers possess excellent knowledge and workshop experience in relevant tools on the market, such as Guidance Software, Micro Systemation, AccessData, Amped, BlueBear, Cellebrite, Oxygen forensic software and products, which can be confirmed by numerous certificates obtained in the digital forensics field.