SC450: Digital Forensics for Subject Matter Experts
Training: Security
IT security professionals and administrators receive a practical introduction to digital forensics. The course covers the analysis of Windows and Linux systems according to forensic principles, as well as handling typical artifacts. It addresses methods of evidence preservation, practical exercises, and discussions. The training concludes with an exam.
Start: 2025-11-24 | 10:00 am
End: 2025-11-28 | 04:00 pm
Location: Nürnberg
Price: 2.850,00 € plus VAT.
Agenda:
- Welcome, introduction, organization
- Introduction
- Context: Information security, IT security and data protection
- Significance of forensics
- Introduction to incident response
- Definition, objectives
- Problem areas and recommendations
- Introduction to Digital Forensics (First Insight: Definition, Objectives)
- Excursus: Criminal Law
- Understanding attacks
- Attackers and their motivations
- Common attack techniques & attack targets
- CTF: live pentest
- Incident response (Theory and fundamentals)
- Incident response (BlueTeam)
- Windows forensics
- Exercise: Digital evidence collection
- Court-admissible documentation
- Practice: Action recommendations and tools
- Discussion of measures to take after gaining insights from IT forensics
- Which tools are mandatory?
- Which tools are "nice to have"?
- Practice Focus: Windows forensics
- Windows Registry
- Registry hives online and offline
- Tools for data acquisition
- Tools for registry analysis
- System information
- OS version
- Current Control Set
- Computer name
- Time zone
- Network interfaces
- Autostart
- SAM hive and user information
- System logons
- Event logs
- Network connections
- Remote access
- USB devices
- Device identification
- First/Last times
- File Access
- Recent files
- Office recent files
- ShellBags
- Open/Save and LastVisited dialog MRUs
- Windows Explorer address/search bars
- File execution
- UserAssist
- ShimCache
- AmCache
- BAM/DAM
- Deleted Files
- Compact: Linux forensics
- System Information
- User account
- User groups
- Sudoers list
- System logons
- System configuration
- Hostname
- Time zone
- Network configuration
- Processes
- DNS information
- Persistence mechanism
- Cron jobs
- Services
- Bash/shell startup
- Log Files
- Syslogs
- Authentication logs
- Third-party logs
- Deleted files
- Review and final examination
- Quiz
- Question answering and discussion
- Examination
Objectives:
Evidence preservation and proof of criminal activities in IT security incidents frequently present major challenges to enterprises.
In this workshop, we provide you with the necessary insider knowledge on how to conduct forensic analyses of Windows and Linux systems during IT security incidents and how to secure and evaluate court-admissible evidence. The workshop focuses on the practice-oriented delivery of fundamental working knowledge in IT forensics.
At the end of the workshop, you will be capable of:
- Responding to security incidents more securely and correctly
- Securing court-admissible traces
- Independently performing forensic analysis steps on Windows systems
- Making a significant contribution to evidence-based investigation of cyberattacks to track down perpetrators
Target audience:
- Practitioners, particularly in computer science and related disciplines
- IT administrators
- Aspiring IT forensics specialists
Prerequisites:
A good understanding of IT systems and terminology is expected.
Description:
Cybercriminals pose a high threat to enterprises and their sensitive data through phishing, hacking, or scamming. To prevent the risks of an attack or to trace and forensically secure the evidence left by perpetrators in case of an attack, IT forensic knowledge is required.
The focus of the workshop SC450 Digital Forensics for Subject Matter Experts is on the practical analysis of Windows and Linux systems considering IT forensic principles.
This covers both the fundamentals of digital forensics and the detailed examination of individual IT forensic artifacts. The content is developed interactively in manageable groups through presentations, hands-on exercises, and group discussions.
The seminar concludes on the final seminar day with an examination and a certificate.
For the examination, which takes place in the afternoon, participants have 90 minutes. It consists of 40 multiple choice questions. To successfully pass the examination, 70% must be answered correctly.
Guaranteed to take place:
from 2 attendees
Booking information
Price:
2.850,00 € plus VAT.
(including lunch & drinks)
Exam (Optional):
100,00 € plus VAT.