This course is intended for managers, government officers or researcher/educators who are interested to understand high level information about digital forensic. Participants are encouraged to participate in decision making to manage evidence, forensics team, tools and resources.

 

1. Identify the methodology of conducting forensic on digital evidence
2. Understand ways to preserve and analyze evidence and to present result to stakeholders
3. Learn to setup a forensic laboratory, to manage evidence and resources

 

1. Managers
2. Government officers involve in incident response
3. Researchers/Educators
4. Individual interested in digital forensics

Digital Forensics in Malaysia Landscape
Digital forensics consists of several major digital areas, namely mobile phone forensics and video forensics. Each area introduce new terms to the world of digital forensics, which will be covered in this topic. The case studies, technologies, issues and challenges faced by the First Responder will be discussed in this topic. The topics covered include:

1. Forensic Science: An Introduction
2. Digital Forensic: An Introduction
3. Digital Evidence
4. People & Roles
5. Case Study
6. Challenges

Digital Forensics Methodology & Terminology
To be involved in digital crime investigation, one must first know and understand the methodology of the digital forensics. Basically, there are 5 main processes in conducting forensics examination and analysis. All of these processes will be taught in details during the course. Participants will also learn about the Best Practice for seizing and acquiring evidence at crime scene. The topics covered include:

1. Digital Forensics Methodology
2. Terminology
3. Conclusion

Digital Evidence: What Data Can You Retrieved?
What types of data can be extracted from computer or mobile phone or CCTV? What challenges do they present? In this topic, participants will be exposed with types of data that can be collected from different kind of digital media, as well as the challenges in getting all the potential evidentiary data. The topics covered include:

1. Computer Analysis
2. Mobile Device Analysis
3. Internet/Email Analysis
4. Video Analysis
5. Image Analysis
6. Audio Analysis
7. Conclusion

First Responder Standard Operating Procedure
First Responder is the first person that is responsible to react towards an incident. To be a First Responder, one must know the steps taken to preserve the evidence as best as one could. The first responder should be prepared and his actions should be planned. Deliberate, rush or hurried actions could damage potential evidence. He/she should have a first responder toolkit and a predetermined incident response plan to follow regardless of the type of data being collected. The topics covered include:

1. Who is First Responder?
2. What are the Roles?
3. When First Responder Comes In?
4. How to Perform the Tasks?

Introduction to Data Imaging
Digital evidence can be collected from many sources; namely hard drives, memory devices, and web pages. Special care must be taken when handling computer evidence. Digital information can be easily tampered, and once tampered it is usually impossible to detect that a change has taken place (or to revert the data back to its original state) unless other measures have been taken. This topic will teach the participants on how to forensically acquire and preserve data. The topics covered include:

1. Introduction
2. Live Imaging
3. Dead Imaging
4. Hardware Based Tool
5. Software Based Tool
6. CSI: What to Expect?
7. Conclusion

Image with FTK Imager

Autopsy
The next step after acquisition process is to analyze what has been acquired. In this topic, participants will be exposed with the analysis on digital evidence and writing a forensic report.

Quality Management for Digital Forensics
To produce high quality evidence and to ensure that it is admissible into the court, certain measures need to be taken by the laboratory and the analyst. This topic shall discuss in details the elements need to be considered when dealing with digital evidence. The topics covered include:

1. Introduction
2. ISO/IEC 17025
3. Importance of Quality Management
4. Management Requirements
5. Technical Requirements
6. Conclusion

Building a Digital Forensics Laboratory
How many staff should I employ? What are the tools that I need to purchase? What are the conditions that a storage room should have? How to ensure that the evidence is secured? All these questions will be answered in this topic.

Pn. Sarah Khadijah Taylor
Specialist
Digital Forensics
CyberSecurity Malaysia

Started working in Digital Forensics Department of CyberSecurity Malaysia in 2007 as analyst. Promoted to Senior Analyst in 2010 and now hold position as Quality Manager for the department. Among responsibilities are to monitor the quality aspect of the digital evidence and the result as well as the competence of the analysts in accordance to ASCLD/LAB-International requirements. To date have reviewed more than 500 forensic reports produced by the laboratory for the Law Enforcement Agencies as well as for the private companies. Experiences include examination and analysis of digital forensics evidence; provide expert testimonies and present forensic findings and reports to law enforcement agencies.

 

En. Mohd Izuan Effenddy Bin Yusof
Senior Analyst
Digital Forensics
CyberSecurity Malaysia

Serve as a Digital Forensics Analyst at Digital Forensics Department of CyberSecurity Malaysia. Main tasks include analyzing digital evidence, preserving digital evidence at crime scene and trainer for digital forensics courses. Familiar with ASCLD/LAB-International (ISO standard for forensic lab) as laboratory is accredited with ASCLD/LAB-International.

 

• 14 - 15 March 2023
• 6 - 7 June 2023
• 15 - 16 August 2023
• 1 - 2 November 2023

*dates are tentative, unless specified

MYR1,950.00 (subject to 6% SST)

Please click here to register

Contact us to request for a quotation

12 CPD Point

Please submit the Certificate of Completion to Global ACE Certification at www.globalace.org