Part A will focus on the inner workings of various Windows Operating Systems and how to carry out forensic investigation on Windows artefacts. Participants will learn to identify file executions and recover deleted files. They will analyse Windows logs to look for potentially malicious events, how email works and how to analysis email headers to determine the source and authenticity of emails.
Part B focuses on analysing internet browser artefacts. Participants will learn to use artefacts store by browsers to determine sites that have been visited, the files accessed and actions carried out by users. They will be introduced to the basics of network log analysis and common tools used for this.
This module is part of Advanced Cert in Cyber Forensic.