CH â CHFI Computer Hacking Forensic Investigator v8.0 ... - Torque IT
CH â CHFI Computer Hacking Forensic Investigator v8.0 ... - Torque IT
CH â CHFI Computer Hacking Forensic Investigator v8.0 ... - Torque IT
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
1. Duplicate the Data (Imaging)<br />
2. Verify Image Integrity<br />
1. MD5 Hash Calculators: HashCalc, MD5<br />
Calculator and HashMyFiles<br />
3. Recover Lost or Deleted Data<br />
1. Data Recovery Software<br />
6. Analyse the Data<br />
1. Data Analysis<br />
2. Data Analysis Tools<br />
7. Assess Evidence and Case<br />
1. Evidence Assessment<br />
2. Case Assessment<br />
3. Processing Location Assessment<br />
4. Best Practices to Assess the Evidence<br />
8. Prepare the Final Report<br />
1. Documentation in Each Phase<br />
2. Gather and Organize Information<br />
3. Writing the Investigation Report<br />
4. Sample Report<br />
9. Testifying as an Expert Witness<br />
1. Expert Witness<br />
2. Testifying in the Court Room<br />
3. Closing the Case<br />
4. Maintaining Professional Conduct<br />
5. Investigating a Company Policy Violation<br />
6. <strong>Computer</strong> <strong>Forensic</strong>s Service Providers<br />
Module 03: Searching and Seizing <strong>Computer</strong>s<br />
1. Searching and Seizing <strong>Computer</strong>s without a Warrant<br />
1. Searching and Seizing <strong>Computer</strong>s without a<br />
Warrant<br />
2. A: Fourth Amendment’s “Reasonable Expectation of<br />
Privacy” in Cases Involving <strong>Computer</strong>s: General<br />
Principles<br />
3. A.1: Reasonable Expectation of Privacy in<br />
<strong>Computer</strong>s as Storage Devices<br />
4. A.3: Reasonable Expectation of Privacy and Third-<br />
Party Possession<br />
5. A.4: Private Searches<br />
6. A.5 Use of Technology to Obtain Information<br />
7. B: Exceptions to the Warrant Requirement in Cases<br />
Involving <strong>Computer</strong>s<br />
8. B.1: Consent<br />
9. B.1.a: Scope of Consent<br />
10. B.1.b: Third-Party Consent<br />
11. B.1.c: Implied Consent<br />
12. B.2: Exigent Circumstances<br />
13. B.3: Plain View<br />
14. B.4: Search Incident to a Lawful Arrest<br />
15. B.5: Inventory Searches<br />
16. B.6: Border Searches<br />
17. B.7: International Issues<br />
18. C: Special Case: Workplace Searches<br />
19. C.1: Private Sector Workplace Searches<br />
20. C.2: Public-Sector Workplace Searches<br />
2. A: Successful Search with a Warrant<br />
3. A.1: Basic Strategies for Executing <strong>Computer</strong><br />
Searches<br />
4. A.1.a: When Hardware is itself Contraband,<br />
Evidence, or an Instrumentality or Fruit of Crime<br />
5. A.1.b: When Hardware is Merely a Storage Device<br />
for Evidence of Crime<br />
6. A.2: The Privacy Protection Act<br />
7. A.2.a: The Terms of the Privacy Protection Act<br />
8. A.2.b: Application of the PPA to <strong>Computer</strong> Searches<br />
and Seizures<br />
9. A.3: Civil Liability Under the Electronic<br />
Communications Privacy Act (ECPA)<br />
10. A.4: Considering the Need for Multiple Warrants in<br />
Network Searches<br />
11. A.5: No-Knock Warrants<br />
12. A.6: Sneak-and-Peek Warrants<br />
13. A.7: Privileged Documents<br />
14. B: Drafting the Warrant and Affidavit<br />
15. B.1: Accurately and Particularly Describe the<br />
Property to be Seized in the Warrant and/or<br />
Attachments to the Warrant<br />
16. B.1.a: Defending <strong>Computer</strong> Search Warrants<br />
Against Challenges Based on the Description of the<br />
“Things to Be Seized”<br />
17. B.2: Establish Probable Cause in the Affidavit<br />
18. B.3: In the Affidavit Supporting the Warrant,<br />
include an Explanation of the Search Strategy as<br />
Well as the Practical & Legal Considerations that<br />
Will Govern the Execution of the Search<br />
19. C: Post-Seizure Issues<br />
20. C.1: Searching <strong>Computer</strong>s Already in Law<br />
Enforcement Custody<br />
21. C.2: The Permissible Time Period for Examining<br />
Seized <strong>Computer</strong>s<br />
22. C.3: Rule 41(e) Motions for Return of Property<br />
3. The Electronic Communications Privacy Act<br />
1. The Electronic Communications Privacy Act<br />
2. A. Providers of Electronic Communication Service<br />
vs. Remote Computing Service<br />
3. B. Classifying Types of Information Held by Service<br />
Providers<br />
4. C. Compelled Disclosure Under ECPA<br />
5. D. Voluntary Disclosure<br />
6. E. Working with Network Providers<br />
4. Electronic Surveillance in Communications Networks<br />
1. Electronic Surveillance in Communications<br />
Networks<br />
2. A. Content vs. Addressing Information<br />
3. B. The Pen/Trap Statute, 18 U.S.C. §§ 3121-3127<br />
4. C. The Wiretap Statute (“Title III”), 18 U.S.C. §§<br />
2510-2522<br />
5. C.1: Exceptions to Title III<br />
6. D. Remedies For Violations of Title III and the<br />
Pen/Trap Statute<br />
2. Searching and Seizing <strong>Computer</strong>s with a Warrant<br />
1. Searching and Seizing <strong>Computer</strong>s with a Warrant<br />
5. Evidence<br />
1. Evidence<br />
2. A. Authentication