SIRCHIE Media Investigations – Youngsville NC – 27 March 2018

This 2 day course is designed to introduce the investigator to the domain of digital forensics. With over 9 billion wireless subscriptions worldwide as of 2016, every criminal investigation involves information that can be captured from a digital device, including phones and tablets. Understanding what information can be obtained from these devices, as well as how to collect and preserve the information legally is critical.

SKU: OCO-BOW-006-0-0318 Category:

Travel and Lodging

  • The HTCI classroom is located on the campus of SIRCHIE International, the worlds largest producer and supplier of Evidence collection material in the world.  The campus is made up of 126 acres of prime training ground.  A mix of first class classrooms and outdoor facilites make this an exceptional location to train in.  The HTCI classroom is located 30 minutes from the Raleigh/Durham airport for the convenience of students that must travel by air.  The facility is also serviced by two major interstates allowing for quick and easy access to and from the facility.

    The facility is a nonsmoking facility.  Students attending will be required to leave campus to smoke.

    I agree for my personal data to be processed by , for the purpose(s) of presenting the data you have submitted on the map..

    I agree for my personal data, provided via map API calls, to be processed by the API provider, for the purposes of geocoding (converting addresses to coordinates), reverse geocoding and generating directions.

    Some visual components of WP Google Maps use 3rd party libraries which are loaded over the network. At present the libraries are Google Maps, Open Street Map, jQuery DataTables and FontAwesome. When loading resources over a network, the 3rd party server will receive your IP address and User Agent string amongst other details. Please refer to the Privacy Policy of the respective libraries for details on how they use data and the process to exercise your rights under the GDPR regulations.

    WP Google Maps uses jQuery DataTables to display sortable, searchable tables, such as that seen in the Advanced Marker Listing and on the Map Edit Page. jQuery DataTables in certain circumstances uses a cookie to save and later recall the "state" of a given table - that is, the search term, sort column and order and current page. This data is held in local storage and retained until this is cleared manually. No libraries used by WP Google Maps transmit this information.

    Please see here and here for Google's terms. Please also see Google's Privacy Policy. We do not send the API provider any personally identifying information, or information that could uniquely identify your device.

    Where this notice is displayed in place of a map, agreeing to this notice will store a cookie recording your agreement so you are not prompted again.

Course Agenda

OBJECTIVES• Student will discuss the need for digital forensics
• Student will be able to understand the CPER model
• Student will be able to how to collect digital evidence
• Student will be able to basic understanding of media forensics
• Student will be able to image media using a forensic tool
• Student will be able to navigate and import an image file for forensic processing
• Student will be to conduct basic analysis of digital media
• Student will discuss cellular devices and the collection of cellular devices
• Student will be able to collect cellular devices
• Student will be able to isolate devices for collection
• Student will be able to discuss the numbers and numbering patterns assigned to cellular devices
• Student will be able to collect and examine a basic cellular device
• Student will prepare reports for analysis an collection
Student Schedule
(Proposed, as topics may move within the structure for time and external events)
Day 1
● Overview of the Digital Evidence cycle Collection, Preservation, Evaluation, Report (CPER) model
● Introduction to Open Source Forensic Tools
● Using FTK Imager to gather evidence from digital containers. Creating E01 images and reviewing E01 images for potential evidence
● Use Autopsy to ingest an E01 image for analysis and review
● Conduct a sample case to show the power of FTK and Autopsy in a hands on case environment
Day 2
● Cell Phone collection overview (what is the difference in the CPER model)
● Paraben D3 collection overview to collect cellphone data from the handsets
● Using DART to correlate cellphone extractions producing nodal analysis
● Using Call Detail Records (CDR) in your investigations
● Using MapLink to plot evidence from CDR
● Hands on practical exercise using the cellphone collection tools to produce evidence.


There are no reviews yet.

Be the first to review “SIRCHIE Media Investigations – Youngsville NC – 27 March 2018”

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.