Network Forensics

Network Forensics

Course Description

Learn about the common devices used in computer networks and identifies the location useful data may reside and the proper method on how to collect the data for analysis. Attendees will also discuss the hacker methodology and artifact to look for and isolate for collection, common exploits in Windows Server systems. There will also be discussion of recognition of exploit traffic and the ability to recognize the difference between attacks and poor network configuration. Attendees will complete numerous practical exercises which follow lecture and demonstrated concepts. Attendees will also be required to complete a comprehensive final practical exercise to demonstrate learned concepts.

Course Length

5 days

Dates

December 2 - 6, 2013

Course Topics

• Network topology and design
• Hacker methodology
• IDS and penetration intelligence
• Common exploits
  • Server exploits
  • Virus exploits
• Exploit traffic
  • Recognition of exploit traffic patterns
  • Recognition of hacked hosts vs poorly configured hosts

Requirements

The biggest prerequisite is a logical mindset and a desire to learn. However, you will need the following to succeed in class:

• Attended Applied and Intermediate Computer Forensics or comparable coursework or experience
• Complete comfort and familiarity with the Windows operating system and usage of Windows based applications is essential
• IT, networking and programming backgrounds are helpful but not necessary

Instructor Bio

Todd Careless is the owner of Firelands Data Recovery, LLC and an adjunct instructor for Tactical Network Solutions. He has been a law enforcement officer since 1990 where he conducted criminal investigations, crime scene forensics and computer forensics until 2006. In 2006, Todd joined the Ohio Attorney General’s office becoming the computer forensic and computer investigative instructor for the Ohio Peace Officer Training Academy. During his time at the academy, he updated and expanded all of the computer courses, adding network, network forensic and additional hours of forensic training to the curriculum.

In 2012, he left the academy to concentrate on his company. He is currently conducting computer forensic training for civilian, government, military and law enforcement personnel. Todd is a Access Data Certified Examiner (ACE) and Access Data Certified Instructor (ACI). He has also attained several other computer forensic certifications over the years, Certified Forensic Computer Examiner (CFCE) and the GIAC Certified Forensic Analyst (GCFA).