ÖVERSIKT

The GCFE (GIAC Certified Forensic Examiner) course teaches you how to conduct digital forensic investigations on Windows systems. You will learn how to acquire and analyze evidence from various sources, such as hard drives, memory, registry, event logs, browser history, and email. You will also learn how to use various tools and techniques, such as FTK Imager, Autopsy, Timeline Explorer, Log2Timeline, Shellbags Explorer, and Prefetch Parser, to recover deleted files, identify malware artifacts, and reconstruct user activity. The course prepares you for the GCFE certification exam that validates your skills in Windows forensic analysis.

Vad ingår

Your course package is designed to provide maximum learning and convenience. This is included in the price of your course:

INSTRUKTÖRSLETT PROGRAM
KURSMATERIAL
CERTIFIERINGSGARANTI
INSTRUKTÖRSLETT PROGRAM
BOENDE
KURSMATERIAL
ALL MAT
CERTIFIERINGSGARANTI

EXAMEN & CERTIFIERING

Your expert instructor will get you ready for the following exam and certification, which are not included in your course package.

GIAC Certified Forensic Examiner Exam (GCFE)
GIAC Certified Forensic Examiner (GCFE)

FÖRKUNSKAPER

The prerequisites for the GCFE are:
- Basic understanding of Windows operating system and file systems
- Basic familiarity with command line tools and GUI tools
- Basic knowledge of networking concepts and protocols
- Basic knowledge of malware analysis and reverse engineering

Agendan

Using our engaging learning methodology including a variety of tools, we’ll cover the entire curriculum.

Introduction to Digital Forensics and Windows File Systems
- Overview of digital forensic process and methodology
- Overview of Windows operating system and file systems (NTFS, FAT, exFAT)
- Disk and file system concepts (sectors, clusters, MFT, slack space, etc.)
- Disk and file system acquisition methods and tools (FTK Imager, dd, etc.)
- Disk and file system analysis methods and tools (Autopsy, fsstat, fls, etc.)

Windows Artifact Analysis
- Overview of Windows artifacts and their forensic value
- Registry analysis methods and tools (RegRipper, Registry Explorer, etc.)
- Event log analysis methods and tools (Log Parser Lizard, Event Log Explorer, etc.)
- Browser history analysis methods and tools (Web Historian, Hindsight, etc.)
- Email analysis methods and tools (PST Viewer Pro, MBOX Viewer Pro, etc.)

File Recovery and Timeline Analysis
- Overview of file recovery techniques and challenges
- Deleted file recovery methods and tools (Recuva, PhotoRec, etc.)
- File carving methods and tools (Foremost, Scalpel, etc.)
- Timeline analysis concepts (MACB times, log2timeline format)
- Timeline analysis methods and tools (Timeline Explorer, Log2Timeline/Plaso)

Memory Forensics
- Overview of memory forensics concepts and challenges
- Memory acquisition methods and tools (DumpIt,WinPMEM)
- Memory analysis methods and tools (Volatility,Rekall)
- Memory artifact analysis (processes, DLLs, handles, sockets, etc.)

Malware Forensics
- Overview of malware forensics concepts and challenges
- Malware identification methods and tools (VirusTotal, YARA) Malware static analysis methods and tools (PEview, strings,IDA Pro)
- Malware dynamic analysis methods and tools (Process Monitor, Process Explorer, Wireshark)
- Malware artifact recovery methods and tools (prefetch files, autoruns entries, registry keys)

Contact sales

Quick book

Format:

Virtuell Klassrum

Price:

31900 SEK 43900 SEK

Välja Datum:

23 - 27 okt

FAQ's

How does Virtual Training Work?

The Virtual Classroom is an online room, where you will join your instructor and fellow classmates in real time. Everything happens live and you can interact freely, discuss, ask questions, and watch your instructor present on a whiteboard, discuss the courseware and slides, work with labs, and review.

Can I sit my Exam from Home?

Yes, you can sit exams from all the major Vendors like Microsoft, Cisco etc from the comfort of your home or office.

Which IT courses can I do from home?

With Readynez you do any course form the comfort of your home or office. Readynez provides support and best practices for your at-home classroom and you can enjoy learning with minimal impact on your day-to-day life. Plus you'll save the cost and the environmental burden of travelling.

Which IT Training course is right for me?

Well, learning is limitless, when you are motivated, but you need the right path to achieve what you want. Readynez consultants have many years of experience customizing learner paths and we can design one for you too. We are always available with help and guidance, and you can reach us on the chat or write us at info@readynez.com.

Amazon Web Services	APMG	AXELOS
BCS	Cisco	CompTIA
Dasa	EC-Council	GIAC
ISACA	(ISC)2	ISO
ISTQB	ITIL	Lean Six Sigma
Linux	Microsoft	PMI
Scrum	The Open Group	VMware
Data Protection	Readynez	CWNP
Wireshark	NetApp	IAPP
SAFe	Blockchain Training Alliance	Kaspersky Lab
Docker	Offensive Security	SIAM
CertNexus	Google Cloud	Palo Alto
PM² Alliance	Blue Prism

Business Applications	Klient, Server och Nätverk	Cloud & DevOps
Data, BI & AI	Utveckling	Projektledning och Best Practice
Säkerhet	Microsoft Azure

Kurs och Certifieringar

Other Results

Om Kurserna

Find course

GIAC Certified Forensic Examiner (GCFE)

"Superb course, very well organized and super good course leader!"