Windows 10 Advanced Forensic Analysis (Live Onsite – MN)
4-day Advanced Level Course
The Advanced Windows® 10 Forensic analysis class is an expert-level four-day training course, designed for examiners who are familiar with the principles of digital forensics and keen to expand their knowledge on advanced forensics using a host of third-party tools to improve their digital investigations techniques.
The Spyder Forensic Advanced Windows® 10 Forensic Analysis course will give participants unbiased knowledge and skills necessary to analyze artifacts left behind through system and user interaction with the host system, utilizing industry standard tools and open source applications to explore the data in greater depth by learning how applications function and store data throughout the system.
Students will learn to use various applications and utilities to successfully identify, process, understand and document numerous Windows® artifacts that are vitally important to forensic investigations. The participant will gain knowledge on how to process the chromium Edge browser, BitLocker encryption, Windows® Action Center, TimeLine and other Windows® 10 specific artifacts. The course includes gaining in-depth knowledge of JumpLists, Registry analysis and prefetch files and how they relate to the investigation and conclude with an in-depth look at OneDrive and synchronization processes between trusted devices. SQLite forensics plays a major role in the analysis of data therefore students will gain detailed knowledge in scripting and data exploitation.
Students will use a variety of open source and leading forensic applications to examine key artifacts through multiple hands on labs and student practical’s.