Windows Forensics Investigations 3-Day Bootcamp with Hands on Training

This course is intended for IT Professionals and Investigators who want to conduct forensic analysis on Windows Systems. The objective of the course is to equip attendees with the tools and technical knowledge of responding to Windows related incidents. Attendees will learn the methodology and the steps to uncover digital evidence using open source tools. “Hands on” exercises and real life scenarios will not only supplement the learning from the course but will also allow attendees to use their new skills and tools immediately after the course.

What Attendees will learn:
• How to conduct digital forensics investigations
• Using tools to forensically analyze Windows Systems
• Incident Response Procedures
• How to build a corporate Forensics Lab
• How to identify possible evidence in Windows
• Preserving the chain of custody
• How to respond to the most common type of security incidents using Windows Forensics tools.

Training Agenda

Day 1
• Introduction to Incident Response and Digital Forensics
• Building a Digital Forensics Lab
• The Digital Forensics Methodology
• The Digital Forensics Investigation Process

Day 2
• Operating System artifacts
• Windows Memory Analysis
• Analyzing the Windows Registry
• Windows File Analysis
• USB usage forensics
• User activities forensics
• Browsing history and IM forensics
• eMail Forensics

Day 3
• Instructors will go through scenario based investigations exercises which are based on actual incidents including HR & Employee Investigations, Fraud, Intellectual Property theft, Network Compromise, Hacking Attacks and Unauthorized Access.

Course Fee: USD 2,500 per delegate
Special Group Rate available.

If you have any questions, please contact Contego Solutions by email at or by telephone +971 4 439 2212 to speak to our Specialists.