Secu1: Digital Forensics with Computers and Smartphones

Company networks constantly become targets of hackers' attacks while companies are victims of infiltrators who acquire sensitive data and reuse them illegally. In order to provide clarity in these cases, the attack is examined forensically. Tracks are identified and secured (for use in court). The results are evaluated and prepared as evidence. Basic questions of IT forensics and applied standard techniques will be analyzed and tested during the training course.

Since a large number of both private and official data are stored on smartphones, these devices also represent a rich source of forensic studies. Since the data can often only be attacked to a limited extent, special tools are used. Preservation and analysis of evidence will be illustrated by means of practical exercises and case examples.

Topics

IT forensics and incident response

Treatment of security incidents in accordance with the BSI basic protection catalogs

Preservation of evidence, locally and via the network

Preservation of the authenticity of evidence, usability in court

Forensics tools and tool kits

Analysis of the recorded data

  • Tools under Windows and Linux
  • Search for concealed tracks
  • Determination of causes, damage and attack scenarios
  • Ways to identify targets and level of knowledge of the hacker

Smartphone forensics

  • Basic questions and forensics with iOS, Android, BlackBerry, Windows Phone
  • Special tools for smartphone forensics

Drafting of court-compliant reports

Project management: IT forensics

  • Cooperation with prosecution authorities, legal situation

Technical requirements

Basic knowledge of networks under Windows, Linux or Unix

Duration

Three days