COLLEGE OF SCIENCE

KWAME NKRUMAH UNIVERSITY OF SCIENCE & TECHNOLOGY
 KNUST Logo

E-Crime Forensic Lab

DIGITAL FORENSICS CERTIFICATION WITH E-CRIME ACADEMY

CERTIFIED DIGITAL FORENSICS EXAMINER (CDFE) CERTIFICATION

The Cyberspace is constantly evolving and presenting organizations with new opportunities and the desire to adopt new technologies. These technologies and user practices introduce some vulnerabilities within the IT environment paving way for cybercriminals to gain unauthorized access to the networks and computer systems. In light of this, there is a high demand for cyber forensics professionals who demonstrate high knowledge in investigating cybercrimes to establish how systems are compromised and what management can do to prevent such attacks.

This hands-on training will teach the process and tools used in gathering, analysing and presenting digital evidence in a forensically sound manner which will be admissible in the court of law. The course will enable the participant to perform forensic analysis on computer systems and also respond appropriately to cyber related incidents. The primary aim of the training is to equip participant with the various techniques and tools used within the forensic industry and also to pass the C|DFE exam through a hands-on approach.

What will you learn?

Participant will learn the methodology for conducting digital forensic investigations on different electronic devices such as computers, mobile devices, network devices among others. They will also be introduced to various tools and techniques used by cyber forensic professionals to conduct digital forensics examination. Participants will also learn how to respond to cybercrime incidents, conduct interview, collect evidence, maintain chain of custody, report and present all findings.

What Skill Will You Gain?

After the training, participants will be able to identify and investigate cybercrime incidents in a forensically sound matter. Using real world case studies participants will acquire the skills to conduct manual and automated analysis on digital devices such as computers, mobile devices, networks

devices among others. Participants will also develop proficiency in using leading forensics tools both open source and commercial tools to collect and analyse digital evidence. Finally, the training will build confidence in participants to take the final exam.

Who Should Attend?

Professionals involved in the collection, perseveration, and analysis of computer systems and network data, including:

  • Private / Public investigators working on digital evidence. 
  • Penetration testers with knowledge in extracting digital evidence and analysis 
  • Law enforcement offices handling digital evidence 
  • IT administrator handling the cyber related incident 
  • Cybersecurity personnel working in law firms. 
  • IT auditors with knowledge in computer forensics
  • Risk Managers/ Analyst 
  • Forensic Auditors 
  • Security Managers/Supervisors

A. ENTRY LEVEL CANDIDATE: CYBERCRIME INVESTIGATIONS & DIGITAL FORENSICS (CIDF) – LEVEL 1 THEMATIC AREAS:

  • Malware Analysis 
  • Introduction to Network Forensics 
  • Windows Artefacts & Registry Analysis 
  • Web Browser Analysis 
  • Advanced Email Forensics 
  • Cybercrime Risk Management 
  • Cybercrime Countermeasures B. INTERMEDIATE LEVEL CANDIDATE:
CYBERCRIME INVESTIGATIONS & DIGITAL FORENSICS (CIDF) – LEVEL 2 THEMATIC AREAS:
  • Internet Investigations & Intelligence Gathering
  • Social Media Forensics
  • E-mail Investigations & Forensic Analysis
  • Cybercrime Investigations Methodologies
  • Introduction to Digital Forensics
  • Internet Technology & Cybercrimes
  • Introduction to Cybercrimes & Cybercrimes Trends 

• Mobile Device Forensics

C. ADVANCED LEVEL CANDIDATE:

CYBERCRIME INVESTIGATIONS & DIGITAL FORENSICS (CIDF) – LEVEL 3

THEMATIC AREAS:

  • Advanced Network Forensics 
  • Cryptographic Techniques & Forensics 
  • Incident Response & Live Forensics
  • Advanced Malware Analysis
  • Cloud Forensics
  • Anti-Forensics Techniques
  • Digital Forensics Reporting
  • Digital Forensics Expert Witness Testimony

D. PROFESSIONAL LEVEL (MILE 2 CERTIFICATION): CERTIFIED DIGITAL FORENSICS EXAMINER (CDFE) THEMATIC AREAS:

  • Module 1: 
  • Module 2: 
  • Module 3: 
  • Module 4: 
  • Module 5: 
  • Module 6:
  • Module 7: 
  • Module 8: 
  • Module 9: 
  • Module 10: Computer Forensic Laboratory Protocols 
  • Module 11: Computer Forensic Processing 

Introduction Computer Forensics Incidents Investigation Process Disk Storage Concepts Digital Acquisition & Analysis Forensic Examination Protocol Digital Evidence Protocols CFI Theory Digital Evidence Presentation

  • Module 12: Digital Forensics Reporting 
  • Module 13: Specialised Artefact Recovery 
  • Module 14: e-Discovery and ESI 
  • Module 15: Cell Phone Forensics 
  • Module 16: USB Forensics 
  • Module 17: Incident Handling 
  • Lab 1: Preparing Forensic Workstation 
  • Lab 2: Chain of Custody 
  • Lab 3: Imaging Case Evidence / FTK Manager 
  • Lab 4: Reviewing Evidence / Access Data Tools Thematic Areas CERTIFIED DIGITAL FORENSICS EXAMINER (CDFE) 
  • Module 1: Introduction 
  • Module 2: Computer Forensics Incidents 
  • Module 3: Investigation Process 
  • Module 4: Disk Storage Concepts 
  • Module 5: Digital Acquisition & Analysis 
  • Module 6: Forensic Examination Protocol 
  • Module 7: Digital Evidence Protocols 
  • Module 8: CFI Theory 
  • Module 9: Digital Evidence Presentation 
  • Module 10: Computer Forensic Laboratory Protocols 
  • Module 11: Computer Forensic Processing 
  • Module 12: Digital Forensics Reporting 
  • Module 13: Specialised Artefact Recovery 
  • Module 14: e-Discovery and ESI 
  • Module 15: Cell Phone Forensics 
  • Module 16: USB Forensics 
  • Module 17: Incident Handling 
  • Lab 1: Preparing Forensic Workstation 
  • Lab 2: Chain of Custody 
  • Lab 3: Imaging Case Evidence / FTK Manager 
  • Lab 4: Reviewing Evidence / Access Data Tools For Further Information/Training Registration: Telephone: 050 1551125 /050 1436340 E-mail: training@e-crimebureau.com or dominic@e-crimebureau.com 

 

1. Network Intrusion Detection and Analysis [Lab Based]

Course Content:

  • Introduction to Network Security & Forensics 
  • Common Network Breaches & Countermeasures – Case Studies of Intrusions 
  • Practical Network Forensic Investigative Strategies 
  • Network Devices and Servers 
  • Sources of Network Based Evidence 
  • Networking Fundamentals (Internet Protocols Suite) 
  • Evidence Acquisition Technics and Tools 
  • Packet Analysis & Statistical Flow Analysis 
  • Wireless Network Investigations 
  • Network Intrusion Detection and Analysis 
  • Network Log Aggregation, Correlation and Analysis 
  • Malware Forensics with Network Artefacts 
  • CERT and Incident Management 
  • Identifying Live Attacks on the Network 
  • Defence in Depth Techniques – Access Control, User/Device Restriction, etc. Number of Days: 3-Days per Session Target Participants: The course is recommended for Network and System Administrators, IT Audit personnel and IT practitioners 

 

2. IT Audit & Digital Forensics [for Non-IT Professionals]

Thematic areas to be covered during the session include:

  • Introduction to IT Audit & Investigations 
  • The Nexus Between IT Audit & Digital Forensics 
  • IT-related Fraud & Forensic Audit Response 
  • Tools and Techniques for IT Audit 
  • Introduction to Digital Forensics & Handling of Digital Evidence 
  • Conducting Triage Assessment of Suspected Devices 
  • Auditing of User Activities on a Target Device (Browser and System Activities) 
  • Investigating Email Fraud 
  • IT Audit & Digital Forensics Reporting 
  • Implementing Security Controls on User Devices 
  • Information & Data Security Best Practices 
  • Practical Case – Participants will combine both audit and digital forensics skills to investigate a real case at the Lab 
Target Audience/Participants: E-Banking Heads/ Officers, Banking Operations Heads/Officers, Compliance Heads/Officers, Risk Managers/Officers, Internal Control Heads/Officers, Internal Audit Heads/Officers, etc. 

Page 2 PROPOSAL – TRAINING PROGRAMMES FOR 2018

 

3. Forgery Detection & Counterfeit Document Authentication

Course Content:

  • Overview of Fraud and Financial Crimes targeting Businesses; 
  • Latest Cheque Fraud Schemes targeting the Banks in Ghana (examine recent fraud cases); 
  • Cheque Cloning & Prevention/Detection Techniques; 
  • Identifying Security Features on Cheques; 
  • Insider Threat – Cheque Fraud & Countermeasures; 
  • Forgery of Signatures & Detection Techniques; 
  • Thumbprint Verification & Analysis; 
  • Trends in Currency Counterfeiting & Detection Techniques; 
  • Latest trends in Identity Documents (ID) Counterfeiting & Preventive/Detective Measures; 
  • Documents/Information Security; 
  • Identity Theft & Detection of Imposters; 
  • General Best Practices to Prevent & Detect Fraud in Banking Operations; 
  • Case Studies/Hands-On Sessions. Target Audience/Participants: Tellers/Cashiers, Customer Service and Relationship Officers, Account Opening Staff, Branch Managers/Supervisors, Banking Operations Employees, Internal Auditors, Staff from Compliance Dept, etc 

 

ETHICAL HACKER CERTIFICATION WITH E-CRIME ACADEMY

About the Course:

Rising cost of cyber attacks and investment in IT infrastructure requires modern organisations and professionals to develop the capacity to pre-empt and defend against cyber-attacks. Analysis and testing of vulnerabilities in network architectures, deployed applications, services and host devices are a skillset that organisations and security professionals need to evaluate risk and properly mitigate them with management and technical controls.

This hands-on training will take participants through the process of gathering and analysing information on targets, to identify vulnerabilities/weaknesses, categorize their risk and exploit them. The primary objective of the training, however, is to build competence of participants in evaluating the cyber security posture of an organisation or a targeted system. The course will also prepare participants to pass the C|PEH exam and be recognized as an international cyber security professional.

  • Toequipparticipantswithknowledgeofindustryacceptedmethodologiestoeffectivelytest, identify and exploit vulnerabilities on networks, servers/host devices, website/email systems and other security assessment areas using tools/techniques such as Kali, Metasploit, Nessus, Microsoft PowerShell, Social Engineering, Password Cracking Techniques among others; 
  • To expose participants to effectively quantity security risks and generate justifiable security controls; 
  • Tobuildthecapacityofparticipantstobeabletodeployaneffectiveplanofworktoexecute Vulnerability Assessment and Penetration Testing (VAPT) engagements; 
  • Toequipparticipantstogainworkingknowledgeintheuseofsecuritytools,bothcommercial and open-source, as well as the use of customized scripts to conduct VAPT engagements and deploy; 

Course Objectives:

Amongst other things, the above training will enable participants to achieve the following key objectives:

  • To equip participants with the necessary skills and tools to carry out offensive/defensive information gathering using the acquired skills. 
  • To enhance participants ability to generate official reports for management’s consumption. What will you learn? Participants will walk through industry accepted methodologies to effectively test, identify and exploit vulnerabilities on networks, servers/host devices, website/email systems and other security assessment areas using tools/techniques such as Kali, Metasploit, Nessus, Microsoft PowerShell, Social Engineering and Brute-Force Attacks. The course will enhance the business scope of participants as well by teaching participants how to effectively quantity security risks and generate justifiable security controls. What Skill Will You Gain? After the training, participants should be able to deploy an effective plan of work to execute Vulnerability Assessment and Penetration Testing (VAPT) engagements and develop official reports for management’s consumption. Participants should gain working knowledge in the use of security tools, both commercial and open-source, as well as usage of customized scripts, to conduct VAPT engagements and deploy. Who Should Attend? Professionals involved in protecting and simulating attacks against the infrastructure, networks, processes of organizations and other targeted entities: 
  • Data Protection Officers 
  • Security Officers 
  • Ethical Hackers 
  • Network and System Administrators 
  • IT Risk Managers 
  • Cyber Security Engineers 
  • Incidence Response Member(s) 

Proposed Course Contents:

The following comprise the main thematic areas that the training will cover:

A. CYBER ATTACKER AND DEFENDER (CAD) – LEVEL 1

THEMATIC AREAS:

  • Cyber-Threat Dynamics –Attacker & Defender Perspectives 
  • Situational Analysis - Recent Incidents of Cyber-Attacks & Evolving Trends 
  • Hacking – Legal or Illegal? 
  • The 3Ts - Hacking Techniques, Tricks & Tools 
  • Techniques for Information Gathering & Credential Harvesting 
  • Network Architecture & Vulnerabilities 
  • Attacking and Defending as a Social Engineer 
  • The Paradox – An Insider as an Attacker and a Defender 
  • Email Hack & Countermeasures 
  • Operating Systems Vulnerabilities & Exploitation 
  • Hacking Social Media Accounts 
  • Exploiting Webservers & Remote Systems 
  • Data exfiltration & Countermeasures B. CYBER ATTACKER AND DEFENDER (CAD) – LEVEL 2 THEMATIC AREAS: 
  • Advanced Social Engineering Attacks and Defense 
  • Developing and Deploying Malwares to Compromise Target Systems 
  • Attacking Wireless Networks 
  • Writing a Script to Hack a Target (Python, PowerShell) 
  • Profiling the Hacker - Network Monitoring & Interception 
  • Hacking and Cloud Security 
  • Securing Networks against Attacks 

• Defense in Depth Techniques and Tools • DatabaseHackingTechniques&Defense

C. CYBER ATTACKER AND DEFENDER (CAD) – LEVEL 3

THEMATIC AREAS:

  • The Hacker’s new Target – Internet of Things(IoT) 
  • Cracking Passwords of Protected Systems & User Accounts 
  • Exploiting & Patching Mobile OS Vulnerabilities 
  • Concept and Practice – Vulnerability Assessment and Penetration Testing 
  • E-Payment Vulnerabilities and Hacking Opportunities 
  • Malware Analysis & Reverse Engineering 
  • Securing Physical Location of IT Systems 
  • CERT and Incident Management 
  • Cyber Defence Policies and Guidelines (PCI, ISO 270001, etc). 
  • Proof-of-Concept: Documenting Successful Attacks/Exploitation 

D. (MILE 2 CERTIFICATION PREPARATORY COURSE) - CERTIFIED PROFESSIONAL ETHICAL HACKER (CPEH)

THEMATIC AREAS:

  • Module 1 - Business & Technical Logistics of Penetration Testing 
  • Module 2 - Linux Fundamentals 

  • Module 3 - Information Gathering-Reconnaissance (Passive) 
  • Module 4 - Detecting Live Systems-Reconnaissance (Active) 
  • Module 5 - Enumeration-Reconnaissance (Active) 
  • Module 6 - Automated Vulnerability Assessment 
  • Module 7 - Malware (Software Goes Undercover) 
  • Module 8 - Assessing and Hacking Windows 
  • Module 9 - Assessing and Hacking Unix/Linux 
  • Module 10 - Advanced Assessment & Exploit Techniques 
  • Module 11 - Leakage Analysis of Wireless Networks 
  • Module 12 - Networks, Sniffing and Intrusion Detection Systems (IDS) 
  • Module 13 - Assessing & Hacking Databases 
  • Module 14 - Assessing & Hacking Web Technologies 
  • Module 15 - Report Writing Basics. 

PROPOSED SCHEDULE FOR TRAINING PROGRAMME

Telephone: 050 1551125 /050 1436340 For Further Information/Training Registration:

E-mail: training@e-crimebureau.com or dominic@e-crimebureau.com