Windows Forensic Analysis is a hands-on course that covers digital forensics of the Microsoft Windows operating system. The collection and analysis of data tracking user based activity that can be used for internal purposes or legal litigation. TechNow has the student analyze many data images for various Windows operating systems, as current as Windows 8.1, Windows 10 in an environment that uses many Cloud technologies such as Office365, Skydrive, Sharepoint, Exchange Online, and Windows Phone.
This is not death by power point. The course is aligned with digital forensic investigators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of Windows Forensic Analysis.
Attendees to TN-909: Windows Forensic Analysis will receive TechNow approved course materials and expert instruction.
Duration: 5 days
- Windows Operating System Components
- Core Forensic Principles
- Live Response and Triage-Based Acquisition Techniques
- Windows Image Mounting and Examination
- Memory, Pagefile, Filesystems
- Data and Metadata
- Profiling systems and users
- Tracking USB and BYOD
- Log and Registry Analysis
- User Communications
- Email Forensics
- Browser Forensics
- Reporting and Presentation
- Windows and Security Experience
Latest comments from students
Liked the class? Then let everyone know!