Course CDFE: Certified Digital Forensics Examiner

This course is already delivered, please contact us for the next available session tel:+357 22 44 14 92
Course Outline in PDF

Candidate Prerequisites: Basic familiarity with Windows Operating Systems

Windows Forensics Analysis training course provides the knowledge and skills to conduct forensic investigations on the Windows Operating System.

Who Should Attend:
Security professionals wanting to build basic to intermediate knowledge in Computer Digital Forensic Investigation.


Module 1: Introduction to Computer Digital Forensics Investigation
• The need for Digital Forensics Investigation
• Methodology of Digital Forensics Investigation
• Ethics and Compliance to Legal Systems

Module 2: First Responder & On-Site Forensics Analysis
• Digital Forensics Lab Toolkit
• Volatile and Non-Volatile Memory Structures
• Memory Dumps and RAM Acquisition
• Rootkit Identification through Process Analysis
• Data Analysis

Module 3: Non-Volatile Data Acquisition
• Duplication and Imaging
• Preserving the media integrity
• Acquisition of Local and Remote Storage
• File System and Volume Information Identification
• File and Evidence Hashing

Module 4: Artifact Timeline Analysis
 • Events Timeline Analysis
• Metadata Timeline Analysis

 Module 5: File System Analysis & Date Recovery
• Hard Drive Structure and Interface Types
• FAT – File Allocation Table
• Master File Table (MFT)
• NTFS and $Bitmap
• Metadata • File Carving
• EFS and Bitlocker

Module 6: Windows Registry Analysis
• Registry Structure
• Auto-run keys
• Reading Offline Registry Files

Module 7: Logs Analysis
• Windows Event Logs
• Structure of Event Logs
• Methods for analyzing Event Logs

Module 8: Windows Files & Metadata Analysis
• Volume Shadow Copies
• Prefetch Files
• Thumbs DB

Module 9: Internet Explorer, Google Chrome & Outlook Analysis
• History and Cache
• Email File Structures

Module 10: Network Forensics Analysis
• Collecting and Analyzing Network Data

Module 11: Mobile Forensics Analysis
• Analyzing SQLite database on Android Devices
• Analyzing Network Activity on IOS Devices

Module 12: Computer Digital Forensics Reporting
• Writing digital Forensics Reports
sd sd sd sd sd sd sd sd sd sd sd sd