Hey, everyone, welcome to the computer. Hacking your forensics course. My name is Canada Hill. I will be your instructor and we'll talk about who I am and just a little bit.
Let's talk about what we're gonna learn in this particular course
in March of one. We're going to talk about computer forensics today, so we'll talk about things like, you know, different laws and replicable. So, like the Fourth Amendment, things like hippo and fisma. And don't worry about if you don't know what those stand for, we'll talk about those
and module to We're gonna talk about the forensic process. We're gonna talk about things, you know, like the pre investigation phase, the investigation phase, the post investigation phase. So kind of like what do you do is an investigator.
Module three will talk about hard disk and file systems, so we're gonna take kind of a high level overview. But we'll talk about different file systems like fat and T f s e x t et cetera, et cetera.
So again, don't worry about if you don't know what those stand for, we'll talk about those in that module
module for will talk about data that musicians who we're gonna talk about live for us, going to talk about vile towel and nonviolent AL data and one common thing that we'll talk about throughout the entire course. It's gonna be something called the chain of custody, and so you'll find out what that is, and we'll kind of reference it throughout the entire course
module. Five. We have anti forensics, so we're gonna understand. Basically, why are the bad people trying to do anti forensics against us as investigators and kind of what the purposes
Module six will have operating system forensics so well, kind of touched on different file path information
in the operating system, as well as some information about Windows Registry cause you may see Windows Registry tested somewhat on the exam
module. Seven. We have network forensics. So what kind of take a high level overview and talk about some important aspects of how we can actually use our network forensic logs. So how it's admissible in 1/4 law. We'll talk about the hearsay Federal rules of evidence
modulate. We have Web attack investigations, so we'll talk about different things, like the Web application, architecture, things that might indicate a Web attack, and then we'll talk about also some Web attacks, you know, that are common. Like cross site scripting and sequel injection
module nine. We're gonna have database forensics. So we'll talk about things like M s sequel data storage in the sequel server, etcetera, etcetera. So anything related to databases that you would probably need to know for your exam will cover in that module
module 10. We cover forensics in the cloud. And so here we're just gonna talk about the different types of cloud computing, separation of responsibilities and cloud environment. Cloud is a subject cloud is an object, etcetera. So you understand what all those mean and those are gonna be very important for the ch EF Eye exam.
Much 11. We talked about good old malware. So we're just gonna talk about different ways. And now, working into a system, we'll talk about some tools that could be used for a dynamic and static analysis. Again, I want to stress that's not a deep dive into malware analysis where it's gonna take a very high level approach.
Model 12 email. We're gonna be talking about email investigation so we'll talk about where exchange server, the file types of storing, as which would be important for your exam was gonna talk about things like the canned spam act. If you're not familiar with
much of 13 will go over Mobile s We'll talk about mobile forensics, mobile architectures, mobile storage will talk about things like Sim I c c i d I m e i e s n again a bunch of little acronyms there, but we'll talk about what those actually mean for the exam, because you will want to know Mobile.
Um, from a significant standpoint for the seat, if I exam
and then finally, in March of 14 we're gonna wrap things up with forensic reporting. So we'll talk about some of the components that you'll need in a report will talk about, you know, depositions will talk about double bert versus fry standards. So a lot of good information in there that you may see tested on this huge if I exam.
So who am I like? Why am I even qualified to teach you right now? So my name is Kennedy. Hell. As I mentioned, I'm a certified ethical hackers. Wells, a computer hacking forensic investigator again. Both those starts air through easy counsel.
I'm also a master instructor here it cyber
also agent professor of digital forensics. So I kind of walked the walk, so to speak.
See if I I do write exam questions. So I haven't ridden him for the 1st 9 I wrote him for the next version that will be coming out. So I'm actually hoping that some of my questions will be on the exam on then I can pat myself on the back a little bit
and then also for the C c E h exam I I am one of the people that did review the newer content. So, for example, most people are calling a version 10 of the C e h S o. I reviewed that content some of the modules. I can't tell you which ones and I cannot tell you the answers for either of those exams.
Also hold the masters of science in cyber security information assurance from Western Governors University and then also an undergraduate degree and information systems in cyber security management. So ah, lot of my academic education focused on the management aspect. So, like your c so level type of stuff
as well as the Masters focused more on the technical side of things.
For a couple, of course, is where I got both the ch ch ef ay certs.
I've already helped thousands of people around the world, actually, tens of thousands of people around the rural past both the ch ch EF eye exam.
So a little bit about the core structure. So what to expect? Um,
in most videos, we're gonna have, like, a pre assessment. So all that's gonna be is, like one or two questions just kind of testing your knowledge up front. So that way, if you're familiar with the material, you may not need to actually watch that particular video.
Also trying corporate some post assessment questions and test your knowledge in each video again. They may not be in every single video, but we try to incorporate those threw out there just to take kinda gauger knowledge again. I want to stress that you need to download the supplemental material that's provided with this course. So that's gonna be the notes that I actually used
to study for my ch EF eye exam
and full disclaimer. I failed by ch ef I the first time. That's what led me to be more aggressive in my studying, get better at it and passed the second time and then start helping others. So, um, I've kind of been there. So if you you know, if you do take that ch ef I and you failed the first time Not a life or death situation. Well, hopefully not at least,
but, you know, not a life or death situation. You can box back like I did and go ahead and pass it the second time. Or even third or fourth time some people do
around. The goal is to just pass it right. That's kind of the main goal.
Also, the course is gonna be primarily video lectures were gonna have labs as well. And those will also be videos, But you'll be able to do those hands on.
And as I mentioned labs, right. So we're gonna have several labs throughout the course. So one thing I want to stress is that, um I'm gonna list in the Reese. Downloadable resource is I'm gonna list out kind of all the possible labs that I confined in the cyber environment. Um, and that's Ah, that's primarily if you have access to those labs.
But you're welcome to set up your own laps as well. You can find it from websites that I'll show you how to do that.
Um, the other thing I just want to stress with the cyber relapse is that some of them may take you like, 20 to 30 minutes or even like an hour to two, just like, kind of harvest that data. So that's why I did not incorporate them, like in the actual film courses, because, you know, it's not pragmatic time wise
to sit there, just kind of silently as we,
you know, harvest dated for 20 minutes, but
it made more sense to kind of list those ones out. That way, if you want to go do those ones as well you're welcome to or to set up your own. So again, the labs that we're gonna cover in this course visually and videos are gonna be labs that, um,
you know, we can essentially accomplish Khanna in that, you know, golden, like, 10 minutes or less type of video. So that way you can, you know, quickly digested quickly. Look at the lab, get information about it. You know that way, if you're at work on lunch break or something like that, I mean, we just want to kind of make it more correlated to you and your schedule
compared to, like us making you sit there for, you know, an hour and 1/2
on a lab, you know, trying to trying to, you know, take a look at it. So again, keep in mind you want to make sure you download all the resource is that I'm provided in this course is gonna help you immensely as well as I'm gonna have a document listed with the different lab so you can just quickly know which ones you need. You should do to retain the knowledge in the course.
So this well, we just kind of talked about my background. We talked about what's going to occur in the course as well as the core structure. Kind of how it's laid out.
And the next module is macho. One murder and talk about computer forensics. Today. Again, we're gonna be talking about you know what, His digital forensics. We're also gonna be talking about different loss of replicable like the Fourth Amendment fisma and hip