This 40-hour course is designed to teach law enforcement agents to investigate network-related crimes such as data breaches, internal theft, and malware incidents. Students will gain an understanding of networking concepts relating to both home-based networks and enterprise level investigations.
The class will cover Windows and Linux environments and teach students how to identify the evidence artifacts leading back to the suspect. The students start by creating their own network and putting their newly learned skills to the test on the final day with a real life data breach investigation.
Lecture, hands-on activity.
Upon completion of this course, students will understand the methods used to commit network-related crimes and how to gather evidence. Students will learn about network intrusions, hacking attack methodologies, proper evidence handling, some popular hacking tools, and investigative processes to assist with network forensic investigations.
Additionally, students will be able to communicate with systems administrators and other technology staff regarding what is needed during a network-based investigation or incident. With this knowledge, students will be better prepared to analyze network-based incidents for criminal activity and to build a case for successful prosecution.
Students should be those who are currently conducting network-based investigations for criminal activity. Students will need to have some knowledge of computer forensics and familiarity with the command line in Windows- and Linux-based computers. This class will include tools from both platforms.