CH â CHFI Computer Hacking Forensic Investigator v8.0 ... - Torque IT

More documents

Recommendations

Info

1. Duplicate the Data (Imaging) 2. Verify Image Integrity 1. MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles 3. Recover Lost or Deleted Data 1. Data Recovery Software 6. Analyse the Data 1. Data Analysis 2. Data Analysis Tools 7. Assess Evidence and Case 1. Evidence Assessment 2. Case Assessment 3. Processing Location Assessment 4. Best Practices to Assess the Evidence 8. Prepare the Final Report 1. Documentation in Each Phase 2. Gather and Organize Information 3. Writing the Investigation Report 4. Sample Report 9. Testifying as an Expert Witness 1. Expert Witness 2. Testifying in the Court Room 3. Closing the Case 4. Maintaining Professional Conduct 5. Investigating a Company Policy Violation 6. Computer Forensics Service Providers Module 03: Searching and Seizing Computers 1. Searching and Seizing Computers without a Warrant 1. Searching and Seizing Computers without a Warrant 2. A: Fourth Amendment’s “Reasonable Expectation of Privacy” in Cases Involving Computers: General Principles 3. A.1: Reasonable Expectation of Privacy in Computers as Storage Devices 4. A.3: Reasonable Expectation of Privacy and Third- Party Possession 5. A.4: Private Searches 6. A.5 Use of Technology to Obtain Information 7. B: Exceptions to the Warrant Requirement in Cases Involving Computers 8. B.1: Consent 9. B.1.a: Scope of Consent 10. B.1.b: Third-Party Consent 11. B.1.c: Implied Consent 12. B.2: Exigent Circumstances 13. B.3: Plain View 14. B.4: Search Incident to a Lawful Arrest 15. B.5: Inventory Searches 16. B.6: Border Searches 17. B.7: International Issues 18. C: Special Case: Workplace Searches 19. C.1: Private Sector Workplace Searches 20. C.2: Public-Sector Workplace Searches 2. A: Successful Search with a Warrant 3. A.1: Basic Strategies for Executing Computer Searches 4. A.1.a: When Hardware is itself Contraband, Evidence, or an Instrumentality or Fruit of Crime 5. A.1.b: When Hardware is Merely a Storage Device for Evidence of Crime 6. A.2: The Privacy Protection Act 7. A.2.a: The Terms of the Privacy Protection Act 8. A.2.b: Application of the PPA to Computer Searches and Seizures 9. A.3: Civil Liability Under the Electronic Communications Privacy Act (ECPA) 10. A.4: Considering the Need for Multiple Warrants in Network Searches 11. A.5: No-Knock Warrants 12. A.6: Sneak-and-Peek Warrants 13. A.7: Privileged Documents 14. B: Drafting the Warrant and Affidavit 15. B.1: Accurately and Particularly Describe the Property to be Seized in the Warrant and/or Attachments to the Warrant 16. B.1.a: Defending Computer Search Warrants Against Challenges Based on the Description of the “Things to Be Seized” 17. B.2: Establish Probable Cause in the Affidavit 18. B.3: In the Affidavit Supporting the Warrant, include an Explanation of the Search Strategy as Well as the Practical & Legal Considerations that Will Govern the Execution of the Search 19. C: Post-Seizure Issues 20. C.1: Searching Computers Already in Law Enforcement Custody 21. C.2: The Permissible Time Period for Examining Seized Computers 22. C.3: Rule 41(e) Motions for Return of Property 3. The Electronic Communications Privacy Act 1. The Electronic Communications Privacy Act 2. A. Providers of Electronic Communication Service vs. Remote Computing Service 3. B. Classifying Types of Information Held by Service Providers 4. C. Compelled Disclosure Under ECPA 5. D. Voluntary Disclosure 6. E. Working with Network Providers 4. Electronic Surveillance in Communications Networks 1. Electronic Surveillance in Communications Networks 2. A. Content vs. Addressing Information 3. B. The Pen/Trap Statute, 18 U.S.C. §§ 3121-3127 4. C. The Wiretap Statute (“Title III”), 18 U.S.C. §§ 2510-2522 5. C.1: Exceptions to Title III 6. D. Remedies For Violations of Title III and the Pen/Trap Statute 2. Searching and Seizing Computers with a Warrant 1. Searching and Seizing Computers with a Warrant 5. Evidence 1. Evidence 2. A. Authentication
3. B. Hearsay 4. C. Other Issues Module 04: Digital Evidence 1. Digital Data 1. Definition of Digital Evidence 2. Increasing Awareness of Digital Evidence 3. Challenging Aspects of Digital Evidence 4. The Role of Digital Evidence 5. Characteristics of Digital Evidence 6. Fragility of Digital Evidence 7. Anti-Digital Forensics (ADF) 2. Types of Digital Data 1. Types of Digital Data 3. Rules of Evidence 1. Rules of Evidence 2. Best Evidence Rule 3. Federal Rules of Evidence 4. International Organization on Computer Evidence (IOCE) 5. IOCE International Principles for Digital Evidence 6. Scientific Working Group on Digital Evidence (SWGDE) 7. SWGDE Standards for the Exchange of Digital Evidence 4. Electronic Devices: Types and Collecting Potential Evidence 1. Electronic Devices: Types and Collecting Potential Evidence 5. Digital Evidence Examination Process 1. Evidence Assessment 1. Evidence Assessment 2. Prepare for Evidence Acquisition 2. Evidence Acquisition 1. Preparation for Searches 2. Seizing the Evidence 3. Imaging 4. Bit-Stream Copies 5. Write Protection 6. Evidence Acquisition 7. Evidence Acquisition from Crime Location 8. Acquiring Evidence from Storage Devices 9. Collecting Evidence 10. Collecting Evidence from RAM 11. Collecting Evidence from a Standalone Network Computer 12. Chain of Custody 13. Chain of Evidence Form 3. Evidence Preservation 1. Preserving Digital Evidence: Checklist 2. Preserving??Removable Media 3. Handling Digital Evidence 4. Store and Archive 5. Digital Evidence Findings 4. Evidence Examination and Analysis 1. Evidence Examination 2. Physical Extraction 3. Logical Extraction 4. Analyse Host Data 5. Analyse Storage Media 6. Analyse Network Data 7. Analysis of Extracted Data 8. Timeframe Analysis 9. Data Hiding Analysis 10. Application and File Analysis 11. Ownership and Possession 5. Evidence Documentation and Reporting 1. Documenting the Evidence 2. Evidence Examiner Report 3. Final Report of Findings 4. Computer Evidence Worksheet 5. Hard Drive Evidence Worksheet 6. Removable Media Worksheet 6. Electronic Crime and Digital Evidence Consideration by Crime Category 1. Electronic Crime and Digital Evidence Consideration by Crime Category Module 05: First Responder Procedures 1. Electronic Evidence 2. First Responder 3. Roles of First Responder 4. Electronic Devices: Types and Collecting Potential Evidence 5. First Responder Toolkit 1. First Responder Toolkit 2. Creating a First Responder Toolkit 3. Evidence Collecting Tools and Equipment 6. First Response Basics 1. First Response Rule 2. Incident Response: Different Situations 3. First Response for System Administrators 4. First Response by Non-Laboratory Staff 5. First Response by Laboratory Forensics Staff 7. Securing and Evaluating Electronic Crime Scene 1. Securing and Evaluating Electronic Crime Scene: A Checklist 2. Securing the Crime Scene 3. Warrant for Search and Seizure 4. Planning the Search and Seizure 5. Initial Search of the Scene 6. Health and Safety Issues 8. Conducting Preliminary Interviews 1. Questions to Ask When Client Calls the Forensic Investigator 2. Consent 3. Sample of Consent Search Form 4. Witness Signatures 5. Conducting Preliminary Interviews 6. Conducting Initial Interviews 7. Witness Statement Checklist 9. Documenting Electronic Crime Scene 1. Documenting Electronic Crime Scene 2. Photographing the Scene 3. Sketching the Scene 4. Video Shooting the Crime Scene 10. Collecting and Preserving Electronic Evidence 1. Collecting and Preserving Electronic Evidence 2. Order of Volatility 3. Dealing with Powered On Computers
Page 1: CH - CHFI Computer Hacking Forensic
Page 5 and 6: 4. v4 Combo Adapters 5. ProSATA SS8
Page 7 and 8: 7. Shares 8. Audit Policy 9. Wirele
Page 9 and 10: 26. Forensic Tower IV Dual Xeon 27.
Page 11 and 12: 3. Configuring EnCase: Debug Tab 4.
Page 13 and 14: 10. Picture Viewer: IrfanView 11. P
Page 15 and 16: 2. Types of Intrusion Detection Sys
Page 17 and 18: Module 18: Investigating Web Attack
Page 19 and 20: 8. Integrated Circuit Card Identifi

CH â CHFI Computer Hacking Forensic Investigator v8.0 ... - Torque IT

Create successful ePaper yourself

Delete template?

Save as template?

CH â CHFI Computer Hacking Forensic Investigator v8.0 ... - Torque IT