CompuForensics
for
Computer Forensics Examiner Training
|
|
|
Computer Forensics Examiner |
Court/Legal Issues |
Windows User |
Computer Forensics |
|
Length: 75 hours Tuition: $995 Included: Notes/CD & DVDROM Requisite: Windows OS familiarity Summary: Best of Basic and Advanced combined (analysis of Windows using Windows running inside SuSE Linux) courses. Prior Linux experience is not needed. |
Length: 40 Hours Tuition: $795 Included: Notes/NIJ DVD Requisite: 12-Week Course Summary: Forensic legal issues and courtroom testimony are discussed using NIJ and DOJ references. Students are examined and cross examined by a practicing attorney. |
Length: 1 Days (8 hours) |
Length: 1 day (8 hours) |
|
Computer forensics is a relatively new professional endeavor within the computer science field. Little more than two and one-half decades old, it has garnered increasing attention in recent years due to an unusually high earning potential that tends to be almost immune from overseas competition. Computer forensics is the process of acquiring computer based information for use in legal proceedings or formal debate through a detailed or careful search. Legal proceedings normally refer to criminal or civil court trials, which are local in nature and therefore more effectively served by local examiners. Computer forensics, which was initially restricted to law enforcement officers, has more recently been practiced by those without law enforcement training. As such, it is increasingly popular among other computer professionals whose job prospects have been adversely affected by global competition. Once you’ve decided you’re ready to embark on a career in computer forensics, enroll in our 75-hour 12-week Forensic Examiner on-line course. Classes occur from 7-9 p.m. Central, Monday, Wednesday and Friday. If you’ve completed our 75-hour computer forensics training, consider taking our new 40-Hour 10-week Court/Legal Issues on-line course taught Tuesdays and Thursday evenings. In addition to decades of federal law enforcement experience and hundreds of hours of courtroom experience, the Court/Legal Issues course affords students the unique opportunity to experience courtroom examination and cross examination by a practicing attorney. Finally, if you manage or support computer forensics examiners, our 8-hour Computer Forensics Business Issues course may be just what you’re looking for. Conversely, if you’d like to know just enough about computer forensics to protect yourself from on-line threats, Personal Computer Security and Privacy may better suit your current needs. Both courses are taught Tuesday and Thursday evenings.
Established in 1998,
CompuForensics has become increasingly popular among law enforcement,
government intelligence and In January, 2008, the Computer Forensics Examiner Basic 8-week 48-hour and 7-week 42-hour Advanced live on-line courses were replaced with the 12-week 75-hour Forensics Examiner course. Containing essential and most popular components of the Basic and Advanced courses, the new updated live on-line course manifested a savings of nearly a thousand dollars to the student.
Depicted below is the user friendly web based video access interface on CompuForensics' password protected CompuPic.Net; for a current listing of course content, download a copy of the course syllabus. The student has access to this site for the entire 12-week period, including web compatible read-only videos. Each green button corresponds to a Power Point XML presentation augmenting live instruction via Skype VOIP (Voice Over Internet Protocol). In addition to live sessions, instructor audio recordings may be accessed via blue buttons. Audio recordings are routinely made upon notification that a student will not be present for the live session. Alternatively, students can attend live lecture sessions via a land-line or cellular telephone by prior arrangement. Skype and telephone conference connections are initiated by the instructor.
The live on-line 75-hour Examiner course is restricted to no more than nine students. Classes tend to be smaller still, affording an unparalleled student-teacher ratio. Although scripted exercises are designed for independent use, the instructor is available should the student require immediate assistance during scheduled laboratory exercises. The Court/Legal Issues course may be slightly larger, however, benefits from the improved interaction afforded by GoToMeeting.
The
12-Week Forensic Examiner course is designed to equip government and
corporate
CrossOver allows many Windows applications and forensic tools to run inside of SuSE
Linux. Linux precludes inadvertent modification of evidentiary partitions by
the Windows operating system and applications. Knoppix Live Debian Linux is
employed to safely and efficiently conduct an on-site preliminary forensic
analysis of Windows computers. Use of hardware write blocks used to safely
use Windows to analyze evidentiary partitions is simulated during the
course. Computer forensics business management and technical report
writing instruction is included. On-line Forensics Instructor Pictured in casual attire suitable to his current semi-retirement in rural Tennessee, the instructor possesses professional training and experience second to none. Possessing bachelor and masters university degrees, the instructor additionally attended special agent academies for the Department of the Treasury, US Customs Service, Naval Criminal Investigative Service and USAF Office of Special Investigations. Applicable technical training was principally hosted by the Treasury Department and Central Intelligence Agency. A former field grade intelligence officer with the USAF and US Army, he is a decorated Vietnam air combat veteran. Retiring at age 53 with a quarter century of federal law enforcement experience, he served as field agent, agent supervisor and headquarters staff, including service as a national program manager for computer forensics. In addition to well over a decade of US Government computer forensics experience, he has taught computer forensics since 1999 at seven regionally accredited universities or colleges in the Midwest and South. 12-Week
Forensics Examiner Student Background Twelve week examiner students should minimally have prior experience in loading the Microsoft Windows operating system and applications, copying/moving/linking files using Windows Explorer, and be familiar with the use of classic menu options. Prior use of basic Command Prompt utilities such as format, change directory, rename, delete and copy is also required. A+ or comparable computer hardware background is minimally desirable. Students should be familiar with Windows or third party drive partitioning software prior to beginning the course. Prior experience with Linux or computer forensics is not required. 12-Week Examiner Computer System Requirements Audio/Video Communications Computer - Notebook, desktop or tower computer running Microsoft Internet Explorer 6/7/8 and Skype 4+ is recommended. Use of non-Microsoft Windows XP/Vista/Windows 7 personal computers may preclude optimum use of the web based XML Power Point presentations. Skype teleconferencing software is available for Windows, Macintosh and Linux operating systems. Download a free copy of Skype from www.Skype.com. Exercise Computer - Since the Examiner course involves some rebooting during on-line laboratory sessions, simultaneous use of a separate forensic exercise computer is recommended. The exercise computer must be minimally equipped with a DVD-ROM bootable drive. The exercise computer should minimally be configured with a Pentium IV or equivalent processor running at 1.6 GHz or faster, 512MB of RAM (Random Access Memory) and 20 gigabytes of free hard disk capacity on a single drive. While the exercise computer can be a notebook, use of a desktop or tower with at least one removable drive bay is preferred for those intending to use their exercise computer to do computer forensics analysis at the conclusion of the course. The exercise computer should contain Windows XP (Vista or Windows 7 can be used with the understanding that some Windows forensic utilities may not be supported). Linux will be additionally installed during the initial weeks of the course. Use of a virtual exercise computer using VMWare Workstation/Player or Sun VirtualBox is a viable alternative for students who do not anticipate doing computer forensics soon after the course has concluded. The virtual machine alternative is not ideal, even for classroom use. Consult Questions for a more complete discussion of virtual machine use. Exercise Software - Required preliminary and comprehensive forensic exercise images are available in Ghost, SafeBack, WinHex and Active@ DiskImage (version 2 for DOS) formats. If used, Norton Ghost should be 2001, 2002 or 2003 version; Ghost 10 is the last version to include Ghost 2003. Accordingly, Ghost, Safeback, WinHex (Specialist or higher) or DiskImage is required. Active@ DiskImage is a free download, which, although not routinely used for forensics, is instructive in the use of forensic imaging utilities. Possession of a specialist licensed version or higher of WinHex disk editor is recommended, especially for those intending to do forensics after the course. A free personal license copy of Winhex will support most course requirements. The WinHex disk editor is available for purchase or evaluation download at www.WinHex.com. Students should additionally possess a bootable Knoppix 5.1 CD-ROM, which may be downloaded free from www.Knoppix.net. Since only Explorer 7+ and Skype are needed for the first week of class, students may find it prudent to ask questions regarding software purchases during the first day of class. A trial ware version of Access Data's Forensic Toolkit (FFK) is used during the course.12-Week Examiner Course Resources At course end, students having attended at least 70% of scheduled classes and satisfactorily completing a case based comprehensive exercise are issued a college certificate of completion signed by a college dean or higher official. Successful completion also results in the award of 7.5 continuing education units. Some students may have the option of using the participating universities laboratory computers; in such instances, university laboratory fees are likely to apply. As in conventional classroom instruction, registration and tuition is handled by the hosting university. The Forensics Examiner course syllabus includes essential and most popular components of previously offered 6-day Examiner Basic and 5-day Examiner Advanced courses. Although only a few hours less than the replaced Basic and Advanced courses combined, course tuition is a quarter that of replaced on-campus courses; $2995 Savings.
|
|||||||||
|
© CompuForensics Home Questions Syllabus Analysis Links Rev. July 07, 2010 |
corporate security professionals. Previously
restricted to full-time government employees or a select group of corporate
security investigators, this high quality computer forensics training is now
available to the general American public through nationally renowned and
regionally accredited state universities and colleges. The current Forensics
Examiner course spans 12 weeks and 35 two-hour sessions in addition to at
least five
hours of additional comprehensive exercise group study. Those completing at
least 70% of scheduled classes, including a comprehensive forensics case
study, are rewarded with a certificate signed by a dean or higher. Although
designed as a 7.5 CEU (Continuing Education Units) university course with
Pass/Fail grading, a proctored written examination is available for those
requiring a letter grade. Course graduates can also elect to have their
contact and training information listed on the 
