Forensic-XPERT | Workshop on Cyber Forensics & Crime Investigation

This workshop is dedicated to Cyber Forensics & Crime Investigation. Computer forensics is the detailed, scientific study, research and application of computer science for the purpose of gathering digital evidence in cases of cyber crime or for other scientific research purposes. The workshop also introduces the needs of the current cyber security sector.

Topics to be covered in this Workshop

A. Understanding of an Organization's IT Environment and Need for a Security Infrastructure

1. Some latest Attack Snippets
2. What is Information Security
3. What is CIA of Information
4. Need to secure the Information
5. Conventional IT Infrastructure of an Organization and the associated Potential Threats
6. Advanced IT Infrastructure of an Organization with Security Implementation
7. Concept of Zoning - Demilitarized Zone, Militarized Zone
8. Basic Servers being used in the IT Environment and their positioning in different Zones
a. Web Server
b. DNS Server
c. DHCP Server
d. Proxy Server etc.
9. Brief Insight of the IT Security Devices used
10. Overview of the Security Attacks
a. TCP 3 way handshake
b. SYN Flood Attack
c. DoS and DDoS Attack and Botnets
d. Demo: Live DDoS Attack
e. Man-in-the-Middle Attack
f. Smurf Attack
g. Social Attacks
11. Social Engineering - Live Demo
12. Shoulder Surfing - Live Demo
a. Salami Attacks
b. IP Address Spoofing
c. Port Scans
d. Sniffing
13. How VPN Works and its associated Security Threats

B. What is Computer Forensics all about?

1. Difference - Computer Crime & Un-authorized activities.
2. 6 steps involved in Computer Forensics - Description of what is to be carried out in each step
3. Need for a forensics investigator

C. Security Incident Response

1. What is a Security Incident
2. Role of the Investigator in investigating a Security Incident
3. Evidence Control and Documentation
4. Skills and Training of a Forensics Investigator - Technical, Presentation, Professional

D. Corporate Regulation and Privacy Issues

1. Computer Abuse in the Corporate World
2. Security Policies
3. Security and Acceptable-Use Policies

E. Evidence Control and Documentation

1. Document, Document, Document.
2. Evidence Collection and Inventory
3. Chain of Custody
4. Evidence Storage and Security

F. Building a Forensics Laboratory

1. Laboratory Standards
2. Facility Physical Security
3. Evidence Security
4. Software
5. Hardware
6. Portable Forensics Labs

G. Commercial Forensics Software Tools

1. The Case for Commercial Tools
2. EnCase
3. AccessData Forensic Toolkit
4. DriveSpy and Paraben

H. Open Source Forensics Tools

1. Hands-On: Open Source Windows Forensic Analysis Tools
2. Process Explorer from SysInternals
3. WhatsRunning
4. Registry Decoder
5. CPorts
6. Windows File Analyzer
7. Windows File Checksum Integrity Verifier
8. Registry Ripper
9. Microsoft Log Parser Tool

I. Open Source Disk Imaging Tools

1. What is Disk Imaging
2. Utilities of Disk Imaging
3. Disk Imaging Utilities
4. AccessData FTK Imager

J. File Analysis

1. What is File Analysis?
2. File Attributes
3. Unix File Permissions
4. Known File Type Signatures & Hashes
5. Hands-On: FileAlyzer
6. Malware
a. Types - Virus, Worms, Trojan, Spyware, Grayware, Scareware
b. Malware infected files
7. Virus Characteristics
8. Indications of a Trojan Infection
9. Worms
10. Hands-On: Windows File Analyzer - File Analysis Software

K. Log analysis

1. Why Log Analysis
2. Understanding Windows Log analysis
3. Tools for Log Analysis
4. OSSEC HIDS - Solution for Efficient and Free-of-Cost Log Analysis
5. Installation Logs
6. Windows Event Logs
7. UNIX Syslogs
8. Firewall and IDS/IPS Logs
9. Live Demo: Firewall Log Analysis
10. Apache Access Logs & Error Logs

L. Windows Forensics

1. Live vs. Dead Responses - When and Why
2. Network Connections - TCP States
3. Hands-On - Whats Up Running Tool
4. Hands-On - Process Explorer Tool
5. Hands-On - CPorts
6. Windows Processes
7. Hands-On - Services.msc
8. Hidden Files
9. Hands-On - Concept of ADS (Alternate Data Stream)
10. Hands-On - Windows File Analyzer Tool
11. Auditing & the Security Event Log
12. Hands-On - Windows File Checksum Integrity Verifier
13. Hands-On - AccessData Forensic Toolkit
14. Hands-On - Identifying the USB Drives Connected to the System
15. Hands-On - Nmap Tool
16. Create a Disk Image

M. Linux Forensics

1. Network connections
2. Services
3. Logging and log files in UNIX
4. Linux forensics tools
5. Demo - Real Time Command Logging
6. Live Demo: Forensic Analysis using OSSEC HIDS

N. Concluding the Investigation

1. Documentation
2. Preparation
3. Concluding a Corporate Investigation
4. Testifying in Court
5. Ethical Responsibilities

Duration

The workshop runs for two consecutive days, with an eight-hour session each day, for a total of sixteen hours divided between theory and hands-on sessions.

Certification

A 'Certificate of Participation' from HoriZON (a unit of MBS Group™) will be given to all participants of this workshop. At the end of the workshop, a small competition will be organized among the participating students, and the winners will be awarded a 'Certificate of Merit'.

Eligibility

These are all basic-level workshops, so there are no prerequisites. Anyone interested can join.

Fee

Rs. 1000/- (inclusive of all Taxes) per participant
* The fee includes study material, certification, human resources and other charges.