SANS 408: Windows Forensics Analysis


  • Morris County, NJ

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) will be hosting a six-day workshop titled “SANS 408: Windows Forensics Analysis" on Monday, June 20, 2016 through Saturday, June 25, 2016 from 8:00 A.M. – 5:00 P.M.

There is NO COST to participate.

Description

This course focuses on building in-depth digital forensics knowledge of the Microsoft Windows operating systems to recover, analyze, and authenticate forensic data. Students will train with a series of new hands-on laboratory exercises that incorporate evidence found on the latest Microsoft technologies (Windows 7, Windows 8/8.1, Office and Office365, Cloud Storage, SharePoint, Exchange, Outlook). Students will understand how to track detailed user activity on networks and how to organize findings for use in incident response, internal investigations, and civil/criminal litigation. These skills can be used for validating security tools, enhancing vulnerability assessments, identifying insider threats, tracking hackers, and improving security policies. Students leave the course armed with the latest tools and techniques and prepared to investigate even the most complicated systems they might encounter.

Workshop Objectives

  • Conduct in-depth forensic analysis of Windows operating systems and media exploitation
  • Identify artifact and evidence locations to answer critical questions
  • Focus capabilities on analysis instead of how to use a specific tool
  • Extract key answers and build an in-house forensic capability 

Target Audience:

Information security professionals, incident response team members, experienced digital forensic analysts, law enforcement officers and detectives, federal agents, red team members, penetration testers, and exploit developers.

If you have any questions regarding this workshop or would like to preregister, please contact Michael Smith at MSmith@njohsp.gov or call (609) 588-2498.