Minimum Computer Requirements:

  • PC with latest updates and BIOS (Mac computers may not be used)
  • Windows 98SE, 2000 or XP Operating System (Vista & Windows 7 as well as all 64-bit processors are not yet supported)
  • Internet access
  • 1 GB (or more) memory
  • 2 GB or larger hard disk drive for examination purposes
  • 2 open USB 2.0 ports

Recommended Configuration:

  • PC with latest updates and BIOS
  • Windows 2000 or XP Operating System (Vista & Windows 7 as well as all 64-bit processors are not yet supported)
  • Internet access - High speed Internet access is recommended.
  • 2 GB (or more) memory
  • 15 GB or larger hard disk drive for examination purposes
  • Integrated PS/2 ports (Not USB Keyboard or Mouse)
  • 4 open USB 2.0 ports
  • 1 open Firewire / IEEE 1394 port
  • Read / Write Blocking device such as the 'FireFly Read/Write' device made by Digital Intelligence


Students may use either a desktop or a laptop computer.

The material used in this course is based on the concept of teaching computer forensics from a vendor neutral perspective. This course teaches the low level mechanics of commonly encountered file systems. If a student can gain a solid understanding of one file system and how it functions at a low level then that student will be prepared to learn other file systems as well.

This course material will teach low level mechanics and functions of both the FAT file system and the New Technology File System (NTFS). Although the FAT file system is not available on new computers, it is the default file system on floppy diskettes and USB devices. Many computer forensic incidents involve USB devices and will continue to involve these devices for years to come. Consequently, students studying to become successful forensic computer examiners must understand the FAT file.

Windows 98 and earlier versions are based on the FAT file system. A computer formatted with Windows 2000, XP, and Vista versions will typically be formatted with the NTFS file system.

The completion of several practical exercises is a requirement of this course. Some might include floppy diskettes. Although the floppy diskette is no longer commonly encountered in the field, it is the exercise that is significant and any action taken on a floppy diskette can be replicated on a hard drive.

The Forensic Computer Examiner program will train you to not only thoroughly examine digital media, but also clearly document, control, prepare and present examination results.

This program includes instruction on conducting thorough examinations, identifying where and how data is stored, recovering and interpreting data and drawing appropriate conclusions based on the data.

A sound understanding of the FAT and NTSF file systems is critical to forensic examination. These file systems are important because they are the base of Windows operating systems, portable flash media, storage devices and other digital media in use everywhere today. USB drives, mobile phones, laptops, desktops and cameras are examples of common equipment that use these systems. FAT file system logical structures are utilized by DOS and Windows 9.x. NTFS logical structures are utilized by Windows NT, 2000, XP and Vista.

Students will be provided a package of forensic industry-standard software bundled with this course. Each registered student will receive:
• SMART - www.ASRData.com
• Simple Carver - www.SimpleCarver.com
• Passware Kit - www.LostPassword.com
• Forensic Tool Kit (Demo version) - www.AccessData.com
• Numerous other free and shareware tools!


    • Course Overview/Description Course Objectives Course Outline Prerequisites/Audience PC Requirements/Materials Included Instructor Bio FAQs See a Demo
  •  
  • 3ds max
  • Administrative Professional with Microsoft Certified Application Specialist Training
  • Administrative Professional with Microsoft Office Specialist
  • AutoCAD 2007
  • AutoCAD 2009
  • Cisco® CCNA® Certification Training
  • CompTIA™ A+ Certification Training
  • CompTIA™ Network+/Server+ Certification Training
  • CompTIA™ Security+ Certification Training
  • eBusiness Certificate
  • Help Desk Analyst: Tier 1 Support Specialist
  • Microsoft Access 2007
  • Microsoft Certified Application Specialist Training (MCAS)
  • Microsoft Certified Database Administrator (MCDBA)
  • Microsoft Certified Desktop Support Technician (MCDST)
  • Microsoft Certified System Administrator 2003 (MCSA)
  • Microsoft Certified System Administrator Plus 2003 (MCSA+)
  • Microsoft Certified System Engineer 2003 (MCSE)
  • Microsoft Certified Technology Specialist: SQL Server 2005 (MCTS)
  • Microsoft Excel 2007
  • Microsoft Office Specialist 2003 (MOS)
  • Microsoft Outlook 2007
  • Microsoft PowerPoint 2007
  • Microsoft Vista Business
  • Microsoft Word 2007
  • .NET Training
  • Pay Per Click Marketing
  • RFID (Radio Frequency Identification) on the Web™
  • Search Engine Marketing
  • Search Engine Optimization
  • Web Database Developer
  • Webmaster

Forensic Computer Examiner

GES 305 -- 150 hours

PC Requirements/Materials Included


    Minimum Computer Requirements:

    • PC with latest updates and BIOS (Mac computers may not be used)
    • Windows 98SE, 2000 or XP Operating System (Vista & Windows 7 as well as all 64-bit processors are not yet supported)
    • Internet access
    • 1 GB (or more) memory
    • 2 GB or larger hard disk drive for examination purposes
    • 2 open USB 2.0 ports

    Recommended Configuration:

    • PC with latest updates and BIOS
    • Windows 2000 or XP Operating System (Vista & Windows 7 as well as all 64-bit processors are not yet supported)
    • Internet access - High speed Internet access is recommended.
    • 2 GB (or more) memory
    • 15 GB or larger hard disk drive for examination purposes
    • Integrated PS/2 ports (Not USB Keyboard or Mouse)
    • 4 open USB 2.0 ports
    • 1 open Firewire / IEEE 1394 port
    • Read / Write Blocking device such as the 'FireFly Read/Write' device made by Digital Intelligence


    Students may use either a desktop or a laptop computer.

    The material used in this course is based on the concept of teaching computer forensics from a vendor neutral perspective. This course teaches the low level mechanics of commonly encountered file systems. If a student can gain a solid understanding of one file system and how it functions at a low level then that student will be prepared to learn other file systems as well.

    This course material will teach low level mechanics and functions of both the FAT file system and the New Technology File System (NTFS). Although the FAT file system is not available on new computers, it is the default file system on floppy diskettes and USB devices. Many computer forensic incidents involve USB devices and will continue to involve these devices for years to come. Consequently, students studying to become successful forensic computer examiners must understand the FAT file.

    Windows 98 and earlier versions are based on the FAT file system. A computer formatted with Windows 2000, XP, and Vista versions will typically be formatted with the NTFS file system.

    The completion of several practical exercises is a requirement of this course. Some might include floppy diskettes. Although the floppy diskette is no longer commonly encountered in the field, it is the exercise that is significant and any action taken on a floppy diskette can be replicated on a hard drive.

    The Forensic Computer Examiner program will train you to not only thoroughly examine digital media, but also clearly document, control, prepare and present examination results.

    This program includes instruction on conducting thorough examinations, identifying where and how data is stored, recovering and interpreting data and drawing appropriate conclusions based on the data.

    A sound understanding of the FAT and NTSF file systems is critical to forensic examination. These file systems are important because they are the base of Windows operating systems, portable flash media, storage devices and other digital media in use everywhere today. USB drives, mobile phones, laptops, desktops and cameras are examples of common equipment that use these systems. FAT file system logical structures are utilized by DOS and Windows 9.x. NTFS logical structures are utilized by Windows NT, 2000, XP and Vista.

    Students will be provided a package of forensic industry-standard software bundled with this course. Each registered student will receive:
    • SMART - www.ASRData.com
    • Simple Carver - www.SimpleCarver.com
    • Passware Kit - www.LostPassword.com
    • Forensic Tool Kit (Demo version) - www.AccessData.com
    • Numerous other free and shareware tools!


Find a School