
Rob Bonta ~ Attorney General

Registering for: Computer Crime/Advanced LAN Investigations


Description 

Class #: 9260-23437

Class Description:

This 40-hour course, the second in a series of two, expands on LAN I and is designed to further the skill set law enforcement investigators need to investigate more complex, network-related incidents such as data breaches, potential nation-state attacks, internal network investigations, and malware incidents. Students will gain an understanding of network intrusion analysis concepts and apply these skills to enterprise / business-level network investigations.

The class will focus on both Windows and Linux environments, teaching the students how to identify evidence and artifacts. The students will create their own micro-network and apply their newly learned skills to demonstrate an understanding of basic networking concepts to be applied to investigations. More advanced topics, such as memory collection and analysis, malware triage, and APT (Advanced Persistent Threat) tools, tactics and procedures, will be discussed at length.

Who Should Attend:

Personnel who will be or are currently conducting network-based investigations or forensics for criminal activity. Students will be required to have a more in-depth knowledge of computer forensics and an understanding of network-related concepts (Routers, Switches, Subnetting, IPv4 Addressing, etc.). This class will include both Windows and Linux-based tools. However, Linux-based tools will be the primary focus. It is strongly recommended that students have an understanding of Linux command line usage. The prerequisite for this class is the successful completion of the California DOJ’s LAN Investigations Course (D315) or an equivalent course offering. THIS IS NOT AN INTRODUCTORY LEVEL CLASS.

Class Objectives:

Upon completion of this course, the students will understand the methods suspects use to commit network-related crimes and how to respond to such incidents and gather evidence. The student will learn about more advanced network intrusion concepts, different attack methodologies, proper evidence handling, and investigative processes to assist with network forensic investigations.

Additionally, the students will be able to effectively communicate and work with system administrators regarding what is needed during a network-based investigation. With this knowledge, the investigator will be better prepared to analyze network-based incidents for criminal activity and put a case together for successful prosecution.

Class Outline:

Advanced Networking Concepts

Encryption methods

Hands-on labs for building networks

Investigating unauthorized access into networks

Forensic tools and investigation methods

APT Attacks

Memory analysis

Cost

This is a tuition-free course for Law Enforcement.

Instructor: Martin Balcazar
Prerequisite: D315 - Computer Crime/LAN Investigations



You can select a class from the list below for the date and location which is most convenient for you.



Start Date End Date   Status Location