Skip to Content

Client Testimonials

"CRI staff is always energetic and willing to do the extra steps to make things work."

More

Online Computer Forensics

SYLLABUS
Introduction to Computer Forensics

April 20, 2009 ? May 11, 2009

Instructor: Kari Wood, Ph.D. CCE (Certified Computer Examiner)
Office: Decker Hall 26
Phone: 218-556-4054
E-Mail: kwood@bemidjistate.edu

Textbooks: To Be Announced

Web Site for Textbook and Log on: 

http://onlinelearning.bemidjistate.edu (Once you?ve activated the site, you will need to put in your username and password to gain access to the course site.) 

Hardware, Software, & Supplies:    Windows-based machine capable of running the FTK, Ghost, & Wiper (Windows 98 Machines & Windows XP Machines A MUST!!!) See Dual System Requirements sheet

Training Description: In this 4 week online Training Session, individuals will learn the fundamental principles and concepts in computer forensics. The topics include: the differing data file structures, the procedure of discovering and preserving evidence, and methods of searching and retrieving evidence using software tools. Related legal procedures and reports are also discussed briefly.  Participants will conduct a minimum of 1 hands-on practice Case during the training session.  Once completed, this training session should allow a basic understanding of the process, policies, and software needs to conduct a computer forensics analysis. 

This course is approved for 45 credits from Minnesota Board of Peace Officer Standards and Training (POST).

Training Objectives:

This course will enable an individual to:

  1. understand basic hardware components and the process in which to collect untainted copies of computer file evidence,
  2. understand the technical components of searching and retrieving evidence using software tools such as DataLifter, Diskedit, FTK and PRTK,
  3. understand the report responsibilities and process required for effective legal procedures, and
  4. perform a practice hands-on computer forensics examination for overall understanding.

Tentative Itinerary

Week 1:

1. Introduction to computer forensic Basics

  • file storage systems
  • terminology
  • legal process etc
  • *Assignment 1

Week 2:

2. Software & Hardware Familiarization-

  • Write-blockers
  • DUAL boot system -Windows 98 vs. Windows XP
  • Diskedit, Freesecs, DataLifter, FTK, PRTK
  • Forensics Analysis Machine Example
  • *Assignment 2

Week 3:

3. Hands-on examination of a Floppy Disk

  • Hash and copy evidence Disk
  • Use of Diskedit
  • Recover deleted files etc.
  • Write practice Report
  • *Assignment 3

Week 4:

5.     Hands-on examination of a hard drive image

  • Hash and copy of drive image
  • Use of FTK
  • Use of PRTK to break passwords
  • Write practice Report
  • *Assignment 4

   

Optivation...creating opportunities through workforce development.

Our Vision