Network Forensics Investigation (NFI)

Course Title:

Network Forensics Investigation (NFI)

Course Duration:

12 Weeks – 2 Hours a Day, 5 Days a Week

Course Objectives:

The course is designed to provide the fundamental skills needed to conduct network forensics investigations and to investigate logs and network traffic. Graduates will learn how to collect evidence of crimes conducted over a network, for example the internet.

Course Contents:

  1. Log Capturing and Events Correlation
    • Computer Security Logs
    • Logs and Legal Issues
    • Log Management
    • Centralized Logging and Syslogs
    • Time Synchronization
    • Event Correlation
    • Log Capturing and Analysis Tools
  2. Network Forensics, Investigation Logs and Investigating Network Traffic
    • Network Forensics
    • Network Attacks
    • Log Injection Attacks
    • Investigating and Analyzing Logs
    • Investigating Network Traffic
    • Traffic Capturing and Analyzing Tools
  3. Investigating Wireless Attacks
    • Wireless Technology
    • Wireless Attacks
    • Investigating Wireless Attacks
    • Features of a Good Wireless Forensics Tool
    • Wireless Forensics Tools
  4. Application Password Crackers
    • Password Cracking Concepts
    • Types of Password Attacks
    • System Software Password Cracking
    • Application Software Password Cracking
    • Password Cracking Tools
  5. Forensics Investigation Using AccessData FTK
    • Overview and Installation of FTK
    • FTK Case Manager User Interface
    • FTK Examiner User Interface
    • Starting with FTK
    • FTK Interface Tabs
    • Adding and Processing Static, Live and Remote Evidence
    • Using and Managing Filters
    • Using Index Search and Live Search
    • Decrypting EFS and Other Encryption Files
    • Working with Reports
  6. Investigative Reports
    • Computer Forensics Reports
    • Computer Forensics Reports Template
    • Investigative Report Writing
    • Sample Forensics Report
    • Report Writing Tools
  7. Becoming an Expert Witness
    • Expert Witness
    • Types of Expert Witness
    • Scope of Expert Witness Testimony
    • Evidence Processing
    • Rules for Expert Witness
    • General Ethics While Testifying

Student Learning Outcome:

Upon successful completion of the course, graduates will be able to understand the process of investigating cyber crime, the laws involved, and the details of obtaining a search warrant; the different types of digital evidence, the rules of evidence, the digital evidence examination process, and electronic crime and digital evidence considerations by crime category; the roles of the first responder and the first responder toolkit; securing and evaluating an electronic crime scene, conducting preliminary interviews, documenting the electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, and reporting the crime scene; computer security logs, logs and legal issues, event correlation, and log capturing and analysis tools; and network forensics, investigating logs and network traffic, investigating wireless attacks, and wireless technologies.

Target Group:

Forensics Analysts, Penetration Testers, Auditors, Law Enforcement Personnel, Defense and Military Personnel, Legal Professionals, Bankers, Security Professionals, Managers, Operational Personnel who have security as their primary job function, IT Engineers and Supervisors, Administrators, and anyone who is concerned about the integrity of network infrastructure.

Admission Requirements:

Individuals attending this course must have a strong foundation in Information and Network Security. For those who are brand new to the field with no background knowledge, the Certificate in Information and Network Security (CINS) is the recommended starting point.

Course Fee:

Tsh. 620,000/=

Group Arrangement:

TZS 85,000 per hour for a group of 10-20 people
Duration: 15 days; 8 hours a day
