Watch trailer
Course at a glance
Included in these subscriptions:
- Dev & IT Pro Video
- Dev & IT Pro Power Pack
| Release date | 8/16/2017 | |
| Level | Intermediate | |
| Runtime | 1h 39m | |
| Closed captioning | Included | |
| Transcript | Included | |
| eBooks / courseware | N/A | |
| Hands-on labs | N/A | |
| Sample code | N/A | |
| Exams | Included |
Course description
When is the last time you sent an email? Have you used a network lately to surf the Internet or post to your Facebook? Networks and email are an integral part of today’s enterprise infrastructures, not to mention everyday life at home. Knowing where to look for evidence on a network, if it’s a firewall, IPS/IDS solution, or a router is essential for an investigator. Do we check the logs first or is there another place to look? What about emails? Do we know where to find evidence there? If you know where to look, what exactly will you be looking for? Coming up we will answer all these questions and more on your way to becoming a forensic investigator. This course is part of a series covering the EC-Council Computer Hacking Forensic Investigator (CHFI).
Prerequisites
Recommended:
Understanding of networking; How data flows from source and destination
Computer security basics such as passwords, encryption and physical security
Basic understanding of computing and computer systems
Experience with various operating systems
Learning Paths
This course will help you prepare for the following certification and exam:
Computer Hacking Forensic Investigator
Meet the expert
David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia
Course outline
Network and Email Forensics
Network Review (18:51)
- Introduction (00:26)
- Quick Networking Review (02:10)
- IP Addressing (04:18)
- Networking Devices (02:28)
- DNS (00:06)
- DHCP (01:16)
- Routers (01:59)
- IDS/IPS (01:41)
- Firewalls (02:21)
- Routing (01:40)
- Summary (00:20)
Network Forensics (14:48)
- Introduction (00:18)
- What to Look for in Network Forensics (01:42)
- Log Files (02:21)
- Log Usage and Legalities (03:47)
- Log Collection (01:38)
- Event Correlation (02:07)
- Centralized Logging (01:11)
- Centralized Logging Advantages (01:22)
- Summary (00:19)
Firewall Analysis (08:19)
- Introduction (00:19)
- Firewall Analysis (03:04)
- Checkpoint Firewall Forensics (01:39)
- Cisco Firewalls (02:55)
- Summary (00:19)
IDS Analysis (06:15)
- Introduction (00:21)
- IDS Analysis (01:47)
- Juniper IDS (00:54)
- Juniper IDS Logs (00:52)
- Checkpoint IDS (02:01)
- Summary (00:17)
Router Analysis (06:45)
- Introduction (00:22)
- Router Analysis (01:17)
- Cisco Routers (02:54)
- Juniper Routers (01:51)
- Summary (00:19)
Live Analysis (09:38)
- Introduction (00:23)
- Live Analysis (05:42)
- Wireshark (01:53)
- Live Analysis, Continued (01:20)
- Summary (00:19)
Email Review (10:13)
- Introduction (00:24)
- Email Review (05:11)
- Email Review, Protocols (04:22)
- Summary (00:14)
Email Crimes (13:36)
- Introduction (00:22)
- What Can Happen (01:50)
- What Can Happen, Identity Fraud (01:54)
- What Can Happen, Cyber Stalking (02:42)
- What Can Happen, Child Abuse (02:01)
- What Can Happen, Human Trafficking (01:46)
- Tools to Use (02:37)
- Summary (00:21)
Email Analysis (10:32)
- Introduction (00:20)
- Where to Find Email Evidence (00:31)
- Email Header (02:08)
- Where to Find Email Evidence, Client Information (01:48)
- Email Headers, Information Focus (00:47)
- Where to Find Email Evidence, Files (02:58)
- Email Logs (01:35)
- Summary (00:20)