Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


Systems Forensics, Investigation, and Response

Learn the fundamentals of system forensics.

GK# 3430

Course Overview


Computer crimes call for forensics specialists, people who know how to find and follow the evidence. This course examines the fundamentals of system forensics, such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. In this course, you will learn about computer crimes, forensic methods,and laboratories and addresses the tools, techniques,and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.

In addition to premium instructional content from Jones & Bartlett Learning's comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized "virtual sandbox" learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice "white hat" hacking on a real IT infrastructure-these are not simulations. Winner of the "Security Training and Educational Programs" top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry's leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 20 hours of training exercises on how hackers and perpetrators use these applications and tools.


This course covers content within the following industry certification exam:

  • Certified Information Systems Security Professional (CISSP) - two content domains covered


  • Delivery Format:
  • Date:
  • Location:
  • Access Period:


What You'll Learn

  • The role of computer forensics in responding to crimes and solving business challenges
  • System forensics issues, laws, and skills
  • Purpose and structure of a digital forensics lab
  • Evidence life cycle
  • Procure evidence in physical and virtualized environments
  • Impact of sequestration on the evidence-gathering process
  • Collect evidence in network and email environments
  • Automated digital forensic analysis
  • Report investigative findings of potential evidentiary value
  • Constraints on digital forensic investigations


Viewing outline for:

Virtual Classroom Live Outline

1. The System Forensics Landscape

  • Introduction to Forensics
  • Overview of Computer Crime
  • Forensics Methods and Labs

2. Technical Overview: System Forensics Tools, Techniques, and Methods

  • Collecting, Seizing, and Protecting Evidence
  • Understanding Information-Hiding Techniques
  • Recovering Data
  • Email Forensics
  • Windows Forensics
  • Linux Forensics
  • Mac Forensics
  • Mobile Forensics
  • Performing Network Analysis

3. Incident Response and Resources

  • Incident and Intrusion Response
  • Trends and Future Directions
  • System Forensics Resources


Viewing labs for:

Virtual Classroom Live Labs

Lab 1: Perform a Byte-Level Computer Audit

Lab 2: Apply the Daubert Standard on the Workstation Domain

Lab 3: Create a Forensic System Case File for Analyzing Forensic Evidence

Lab 4: Uncover New Digital Evidence Using Bootable Utilities

Lab 5: Automate Digital Evidence Discovery Using Paraben's P2 Commander

Lab 6: Apply Steganography to Uncover Modifications to an Image File

Lab 7: Decode an FTP Protocol Session and Perform Forensic Analysis

Lab 8: Automate Image Evaluations and Identify Suspicious or Modified Files

Lab 9: Craft an Evidentiary Report for a Digital Forensics Case

Lab 10: Perform an Incident Response Investigation for a Suspicious Login

Software used in these labs include: DevManView, WinAudit, WinHex, P2 Commander, FavoritesView, Helix, IECacheView, IEHistoryView, IECookiesView, MyLastSearch, Process Explorer, S-Tools, NetWitness Investigator, Wireshark, and Splunk. Please note that software may be updated or changed to keep pace with new data in the field.

Who Should Attend

  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • People who decide which information technology and cybersecurity products to acquire for their organization
Course Delivery

This course is available in the following formats:

Virtual Classroom Live

Experience expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 5 day

Request this course in a different delivery format.