Windows Systems Forensic Analysis

Course Code: IFIS DFI/01

What You Will Learn?

Perform proper Windows forensic analysis by applying key techniques focusing on Windows 7/8/10
Use full-scale forensic tools and analysis methods to detail nearly every action a suspect accomplished on a Windows system, including who placed an artifact on the system and how, program execution, file/folder opening, geo-location, browser history, profile USB device usage, and more
Identify keywords searched by a specific user on a Windows system to pinpoint the data and information that the suspect was interested in finding and accomplish detailed damage assessments

Learn event log analysis techniques and use them to determine when and how users logged into a Windows system, whether via a remote session, at the keyboard, or simply by unlocking a screensaver
Determine where a crime was committed using Registry data to pinpoint the geo-location of a system by examining connected networks and wireless access points
Determine the number of times files have been opened by a suspect through browser forensics, shortcut file analysis (LNK), e-mail analysis, and Windows Registry parsing

$ 400, 5 Days

Includes

Certificate of completion
Full access to study materials
Access to summit ACADEMY

Share via:

Laptop Requirements

CPU: 64-bit Intel i5/i7 (4th generation+) – x64 bit 2.0+ GHz processor or more recent processor is mandatory for this class (Important – Please Read: a 64-bit system processor is mandatory)
8 GB (Gigabytes) of RAM or higher is mandatory for this class (Important – Please Read: 8 GB of RAM or higher of RAM is mandatory and minimum. For best experience, 16GB of RAM is recommended.)
Wireless 802.11 Capability
USB 3.0
250+ Gigabyte Host System Hard Drive minimum
200 Gigabytes of Free Space on your System Hard Drive – Free Space on Hard Drive is critical to host the VMs we distribute
Students should have the capability to have Local Administrator Access within their host operating system and BIOS settings

About Course

You cannot protect what you do not know, and understanding forensic capabilities and artefacts is a fundamental cog of information security. This course centres on building in-depth digital forensics knowledge of Microsoft Windows operating systems. You will learn how to recover, analyse, and substantiate forensic data on Windows systems, track particular user activity on your network, and organize findings for use in incident response, internal investigations, and civil/criminal proceedings. You will be able to use your new skills to validate security tools, enhance vulnerability assessments, identify insider threats, track hackers, and improve security policies.

Course Outline

Windows Digital forensics
Windows Registry Forensics and Analysis
USB Devices and Shell items
E-mail, Key Additional Artifacts and Event logs
Web Browser Forensics

Target Audience

This course is for Application Security Professionals interested in Mobile Application Security
If you are trying to automate the cumbersome process of Mobile Application Security Assessment; Don’t hesitate, this is for you.
If you want to learn Mobile Application Security, this course is probably not for you.

Duration and Fees

Duration: 5 days
Pricing: $400

Need to know more?

Contact Our team and get all your questions answered or you can request for a call back

Request a Callback

Talk to us on +256 414 231 136 or fill in these details below and request a callback