* The Most Comprehensive Forensic Investigation Course Ever Taught *
* and Become a Certified Forensics Analyst *
Unique Course Feature
In this 30-hour course, the elements of a successful digital
forensic investigator are addressed comprehensively.
Specifically, this course features:
- Strong emphasis on both conceptual and technical forensics skills so as to prepare you to become as an effective forensics investigator
- In-depth discussions of the internals of common file systems, the secrets in acquiring data from host, network and embedded devices, and the techniques in analyzing different OS platforms and embedded devices
- Hands-on exercises in mastering numerous investigation tools, investigating various real-world compromised systems, and analyzing unknown hacker tools and suspicious network traces
- Course leaded by qualified and knowledgeable i-Total instructors with over 14-year pure information security experiences
For comprehensive coverage of the examination curriculum, we structure
this course into 4 modules with a total of 30 contact hours.
Details about individual modules are given below. Please email us at
info@i-TotalSecurity.net for more information.
* To get the most value out of the course, students are required to bring their own notebook computer.
||Incident Handling and Computer Forensics
In this module, the overall incident handling and computer
forensics process are discussed. Step-by-step instructions
on how an organization can develop the incident handling
and forensics capabilities from the ground up will be
A number of real world case studies will be examined and
discussed to illustrate how identify computer attackers,
and to provide valuable information on the steps students
can take to improve the chances of catching and prosecuting
Acquisition of Digital Evidences (Hands-On*)
After substantiating the suspected incident, an
investigator may need to acquire evidences in a
forensically sound manner in order to determine what
happened and how the case might be resolved.
As hard disks are the most significant containers of
evidences, we start this module with in-depth
discussions of both the logical and physical configuration
of hard disks and file systems. Then, focuses will
be shifted to collecting volatile and permanent data
from hosts, network, embedded, and non-technical devices.
Finally, details on documenting, authenticating, and
handling digital evidences collected will be covered.
Hands-on practices will be provided to let participants
understand how to collect volatile data, perform forensic
duplications and conduct network surveillance in great
Analysis of Digital Evidences (Hands-On*)
Here comes to the meat of computer forensics. In this
module, we will detail the procedures for analyzing and
interpreting the acquired information so as to draw
valid conclusions to assist the incident investigation
and its resolution.
Firstly, generic techniques applicable to all forms of
forensic investigations are discussed. Then, detailed
sets of evidence steps that are specific to Windows,
Unix, Linux, Solaris, MAC OS X, routers, PDAs, Smart Phones and
various application servers will be provided and
practiced. Furthermore, skills presentations and
hands-on exercises for analyzing network traffic,
determining the functionality of unknown binaries,
interpreting the clues inside of Internet messages
will be arranged. Upon completion of this module,
you will start becoming an Internet detective and using
standard Internet services to perform local and remote
Investigation Reporting and Legal Issues
Following vast efforts on evidence acquisition and
investigation, the next nature step is to write up a
forensic report documenting your findings and conclusions.
In this module, some general guidelines for writing a
good forensic report will be outlined. Besides,
legal issues and implications pertaining to computer
forensics are discussed.
Course Date & Venue
|Date||10 Monday Evening Sessions Starting 13 Sep 2010|
|Time||7:00pm - 10:00pm|
|Venue||7D, Trust Tower, 68 Johnston Road, Wan Chai, Hong Kong [See Map]|
*i-TotalSecurity reserves the rights to modify the schedule as required.
Lectures (30 Hours) = Early Bird price HK$6,980.00*
Early bird price - Enroll 2 weeks before course commencement.
Mr. Gamin Lou, CISSP, CISA, CISM, CEH, has over 14 years experience
in information systems security governance and practices. Before joining
i-TotalSecurity as a security consultant, he has been working in various
global and local financial institutes and was responsible for managing
overall information security programs, implementing and monitoring perimeter
security and intrusion detection systems, as well as responding to and
investigating security incidents for the organizations.
A pioneer in information systems control and security education and
consultancy who bring the best knowledge, skills and practices to meet
the certification and working needs of individuals and corporations.
Since 1995, our qualified and no-nonsense security specialists are
teaching information security with students from leading corporations,
government and military organizations internationally.
Call us at +852 2965.4445 or e-mail info@i-TotalSecurity.net