Learn Computer Forensics on Your Own

Expertise in examining computers and networks for evidence can not only lead to a well-paying career, it can be an exciting field to work in. Many people who work in computer forensics have received training through their employer as a law-enforcement professional or corporate sponsored training. This does not mean that someone can’t learn these skills on their own. Thanks to online training, hands-on practice, and dozens of books on the subject, anyone with an interest in computer forensics can learn the skill set needed for this job.

  1. Learn the basics. Before getting started in computer forensics, you need to have a foundation in what it entails.
  2. Download forensic software and see how it works. There are many different tools available that don’t cost anything; some of these can be found at Open Source Forensics. These solutions provide a perfect opportunity for someone to learn how to use different forensic software.
  3. Create virtual machines to use as target computers when learning the software. Virtual machine software, like VirtualBox allows you to create a virtual computing environment that you can use for testing.
  4. Locate online forensics training. Once you have a grasp of computer forensics, it is time to take your training to the next level. There are many tutorials that can be found online that will help you better learn the different forensic software. Additionally, you can look into training packages that for a price will teach specific skills and software.
  5. Read books on forensics. There are many different books written on the subject that cover software packages like EnCase, methodologies used in forensic cases, and certification study manuals.

Obtaining certification in computer forensics can show potential clients and employers that you have expertise in the field.

Check with law enforcement agencies in your area to see if you can shadow them on investigations.

Understand the chain of custody when dealing with computer evidence.

Certain states require someone who is performing a computer forensic investigation to be a licensed private investigator. Make sure you understand the laws of your state before you move forward with an investigation.

Read More

EnCase Computer Forensics Training for Beginners

EnCase,Computer Forensics TrainingGuidance Software is recognized globally as a world leader in Digital Forensics, Cyber Security, and E-Discovery solutions. Their services include incident response, computer forensics, litigation support, and experts with hands-on experience in digital investigation. Each year they train over 6,000 corporate, law enforcement, and government professionals in digital forensics, e-discovery, security, and incident response.

This hands-on forensics training course involves practical exercises and real-life simulations in the use of EnCase® Forensic version 7 (EnCase v7). The class provides participants with an understanding of the proper handling of digital evidence from the initial seizure of the computer/media to acquisition, including the use of FastBloc® SE and LinEn. Instruction then progresses to the analysis of the data. It concludes with archiving and validating the data. Delivery method: Group-Live. NASBA defined level: basic.

Students attending this forensics training course will learn:

  • The EnCase v7 computer forensic methodology
  • What constitutes digital evidence and how computers work
  • Basic structures of the FAT and NT file systems
  • How to create a case and how to preview and acquire media
  • How to conduct raw and index searches
  • How to analyze file signatures and view files
  • How to conduct hash analysis and import hash sets
  • How to prepare reports, using templates provided with EnCase v7
  • How to restore evidence
  • How to archive files and data created through the analysis process
  • The proper techniques for handling and preserving evidence

Level: Introductory
Prerequlslte: Basic computer skills. Advance preparation for this course is not required.
Tuition: $2,495.00 USD per student.

Note: This training course is intended for IT security professionals, litigation support and forensic investigators Participants may have minimal computer skills and may be new to the field of computer forensics.

Details: http://www.guidancesoftware.com/computer-forensics-training-encase1.htm

Read More

Computer Forensics: Resources

  • Wikipedia: Computer Forensics
    Free encyclopedia entry for computer forensics, the application of the scientific method to digital media in order to establish factual information for judicial review. Inlcludes common techniques and recommended resources.
    en.wikipedia.org/wiki/Computer_forensics
  • Computer Forensics World
    Provides a portal covering all aspects of computer forensics and investigative techniques.
    www.computerforensicsworld.com
  • International Journal of Digital Evidence (IJDE)
    Forum for the publication and discussion of theory, research, policy, and practice in the rapidly changing field of digital evidence.
    www.ijde.org
  • Computer Forensics Tool Testing Program
    Provides information about the project, includes both general and technical information.
    www.cftt.nist.gov/index.html
  • Forensics.nl
    Provides computer forensics information and resources.
    www.forensics.nl
  • Computer-Forensics.co.uk
    Computer forensics information and resources for the U.K. Covers computer forensics degrees, education, software, jobs, password cracking, phreaking, e-threats, and e-discovery.
    www.computer-forensics.co.uk
  • Computer Forensic Training Center Online
    Worldwide self paced computer examination training that teaches sound methodology to forensically examine computer media. CEU credits are available through Kennesaw State University. Georgia and partial tuition payment is available through the GI Bill.
    www.cftco.com
  • Center for Computer Forensics
    Provides electronic evidence recovery, expert witness testimony, and litigation support services.
    www.computer-forensics.net
  • Computer Evidence Processing Steps
    Offers guidelines to avoid destroying computer evidence.
    www.forensics-intl.com/evidguid.html
  • About.com: How to Become a Cyber-Investigator
    Offers resources for computer forensics certification programs and training.
    certification.about.com/cs/securitycerts/a/compforensics.htm
  • Computer Evidence Processing
    Article discussing the importance of technical evidence.
    www.forensics-intl.com/art10.html
  • Knowledge Solutions: Computer & Internet Crime FAQ
    Basic overview of computer crime solving.
    www.forensic-science.com/faq_computer.html
  • Computer Forensic Papers (PDF)
    Term papers on history, principles, scope, instrumentation, and court admissibility.
    chantry.acs.ucf.edu/~mikep/cf/CHS5937-TermPaper.pdf
  • History of Computer Forensics, The
    Traces the development of digital evidence.
    www.pc-history.org/forensics.htm
  • Forensico
    Information on computer forensics, encryption, cryptanalysis, and steganography.
    www.forensico.com
  • DOJ: Computer Crime and Intellectual Property Section (CCIPS)
    Contains the federal guidelines for searching and seizing computers and obtaining electronic evidence in criminal investigations, and more.
    www.usdoj.gov/criminal/cybercrime/searching.html#A
Read More