This course is compatible with Windows Vista Operating System.

This course must be taken from a PC. Students should have a computer capable of booting to Windows 98 and must have Internet access.

Students will be provided with some forensic software that was written specifically for forensic examiners. Each registered student will receive:

  • A fast and thorough wiping program.
  • A fast checksum program.
  • A fast program that documents files (including deleted files) on a drive.
  • A program that allows examination of unallocated space.
  • A program that makes exact forensic copies of floppy diskettes.
  • An excellent forensic "carving" utility.
  • The Passware Kit from Lost Password.com.

Students will be required to purchase:

  • Norton Utilities
  • Norton Ghost
  • QuickView Plus (a viewing application)
  • A good virus-scanning utility

    Why do I need a computer capable of booting to Windows 98?

    The material used in this course is based on the concept of teaching computer forensics from a vendor neutral perspective. This course teaches the low level mechanics of commonly encountered file systems. Computer forensics is not a point and click process, neither is the Key Computer approach to training. If a student can gain a solid understanding of one file system and how it functions at a low level then that student will be prepared to learn other file systems as well.

    This course material will teach low level mechanics and functions of both the FAT file system and the New Technology File System (NTFS). Although the FAT file system is not available on new computers, it is the default file system on floppy diskettes and USB devices. Many computer forensic incidents involve USB devices and will continue to involve these devices for years to come. Consequently, students studying to become successful forensic computer examiners must understand the FAT file system which is why it is necessary to use a computer that can boot to Windows 98.

    Windows 98 is based on the FAT file system, and a computer formatted with Windows 2000 may be formatted with the FAT file system or NTFS.

    NTFS is the native file system for Windows XP and Vista.

    The completion of several practical exercises is a requirement of this course. Some include floppy diskettes. Although the floppy diskette is no longer commonly encountered in the field, it is the exercise that is significant and any action taken on a floppy diskette can be replicated on a hard drive.

    The CCE BootCamp will train you to not only thoroughly examine digital media, but also clearly document, control, prepare and present examination results.

    The CCE BootCamp includes instruction on conducting thorough examinations, identifying where and how data is stored, recovering and interpreting data and drawing appropriate conclusions based on the data.

    A sound understanding of the FAT and NTSF file systems is critical to forensic examination. These file systems are important because they are the base of Windows operating systems, portable flash media, storage devices and other digital media in use everywhere today. USB drives, mobile phones, laptops, desktops and cameras are examples of common equipment that use these systems. FAT file system logical structures are utilized by DOS and Windows 9.x. NTFS logical structures are utilized by Windows NT, 2000, XP and Vista.


    • Course Overview/Description Course Objectives Course Outline Prerequisites/Audience PC Requirements/Materials Included Instructor Bio FAQs See a Demo
  •  
  • 3ds max
  • Administrative Professional with Microsoft Certified Application Specialist Training
  • Administrative Professional with Microsoft Office Specialist
  • ASP.NET Training
  • AutoCAD 2007
  • AutoCAD 2009
  • Cisco® CCENT™ Authorized Certification Training
  • Cisco® CCNA® Authorized Certification Training
  • CompTIA™ A+ Certification Training
  • CompTIA™ Linux+/LPI Level One Certification Training
  • CompTIA™ Network+/Server+ Certification Training
  • CompTIA™ Security+ Certification Training
  • eBusiness Certificate
  • English as a Second Language - Global English
  • Help Desk Analyst: Tier 1 Support Specialist
  • Microsoft Access 2007
  • Microsoft Certified Application Specialist Training (MCAS)
  • Microsoft Certified Database Administrator (MCDBA)
  • Microsoft Certified Desktop Support Technician (MCDST)
  • Microsoft Certified System Administrator 2003 (MCSA)
  • Microsoft Certified System Administrator Plus 2003 (MCSA+)
  • Microsoft Certified System Engineer 2003 (MCSE)
  • Microsoft Certified Technology Specialist: SQL Server 2005 (MCTS)
  • Microsoft Excel 2007
  • Microsoft Office Specialist 2003 (MOS)
  • Microsoft Outlook 2007
  • Microsoft PowerPoint 2007
  • Microsoft Vista Business
  • Microsoft Word 2007
  • Pay Per Click Marketing
  • RFID (Radio Frequency Identification) on the Web™
  • Search Engine Marketing
  • Search Engine Optimization
  • Web Database Developer
  • Webmaster

Forensic Computer Examiner

GES 305 -- 150 hours

PC Requirements/Materials Included

    This course is compatible with Windows Vista Operating System.

    This course must be taken from a PC. Students should have a computer capable of booting to Windows 98 and must have Internet access.

    Students will be provided with some forensic software that was written specifically for forensic examiners. Each registered student will receive:

    • A fast and thorough wiping program.
    • A fast checksum program.
    • A fast program that documents files (including deleted files) on a drive.
    • A program that allows examination of unallocated space.
    • A program that makes exact forensic copies of floppy diskettes.
    • An excellent forensic "carving" utility.
    • The Passware Kit from Lost Password.com.

    Students will be required to purchase:

    • Norton Utilities
    • Norton Ghost
    • QuickView Plus (a viewing application)
    • A good virus-scanning utility

      Why do I need a computer capable of booting to Windows 98?

      The material used in this course is based on the concept of teaching computer forensics from a vendor neutral perspective. This course teaches the low level mechanics of commonly encountered file systems. Computer forensics is not a point and click process, neither is the Key Computer approach to training. If a student can gain a solid understanding of one file system and how it functions at a low level then that student will be prepared to learn other file systems as well.

      This course material will teach low level mechanics and functions of both the FAT file system and the New Technology File System (NTFS). Although the FAT file system is not available on new computers, it is the default file system on floppy diskettes and USB devices. Many computer forensic incidents involve USB devices and will continue to involve these devices for years to come. Consequently, students studying to become successful forensic computer examiners must understand the FAT file system which is why it is necessary to use a computer that can boot to Windows 98.

      Windows 98 is based on the FAT file system, and a computer formatted with Windows 2000 may be formatted with the FAT file system or NTFS.

      NTFS is the native file system for Windows XP and Vista.

      The completion of several practical exercises is a requirement of this course. Some include floppy diskettes. Although the floppy diskette is no longer commonly encountered in the field, it is the exercise that is significant and any action taken on a floppy diskette can be replicated on a hard drive.

      The CCE BootCamp will train you to not only thoroughly examine digital media, but also clearly document, control, prepare and present examination results.

      The CCE BootCamp includes instruction on conducting thorough examinations, identifying where and how data is stored, recovering and interpreting data and drawing appropriate conclusions based on the data.

      A sound understanding of the FAT and NTSF file systems is critical to forensic examination. These file systems are important because they are the base of Windows operating systems, portable flash media, storage devices and other digital media in use everywhere today. USB drives, mobile phones, laptops, desktops and cameras are examples of common equipment that use these systems. FAT file system logical structures are utilized by DOS and Windows 9.x. NTFS logical structures are utilized by Windows NT, 2000, XP and Vista.


    Find a School