Training & Certifications


This program provides participants with knowledge and skills that are essential for carrying out forensic investigator responsibilities in their organization. The first few modules lay groundwork for specialized security topics that covered network operation and design, TCP/IP protocol suite, introduce Port Scanning and understand role that routers play also conclude several topics about physical security.


At the end of the program, the participants will be able to :

  1. Understand the proper evidence handling skills
  2. Apply proper forensic methodology while handling computer crime cases

Network Administrator, Systems Administrator, Network Engineer, Systems Engineer.


This program is 5 days of intensive training - workshop class.


Participants are required to have knowledge of Fundamental ICT, Networking Essentials, Computer Networking Technology or related subjects.


At the end of the program, the participants will be assessed with Foresec Certified in Forensic Investigator Exam.


Foresec Certified in Forensic Investigator Certification will be awarded upon successfully passing the exam from Foresec, through an independent online exam engine, PXmatics.


  1. Ethical Behaviour while conducting Computer Forensic Investigation
  2. Media Acquisition Strategy
  3. Hardware and Imaging Issues
  4. Legal and Privacy Issues
  1. Digital Imaging Theory and Process
  2. Write Blocking
  3. Wiping, Hashing, Validation, Image Restoration, Cloning, Unallocated Space
  4. Drive Partitioning
  1. File System Basics
  2. MAC times and Timeline Analysis
  3. Recovering Deleted Files
  4. String Searches
  1. Linux and Windows Response Process
  2. Understanding Open Source VS Commercial Investigation Tools
  3. Creating a Live System Imagining vs Offline Imagining
  4. Utilising Hash Sets in Investigation
  1. Understanding TCPdump usage
  2. Tcpdump Capturing Tips and Tricks
  3. Utilising Netflow Capturing Techniques
  4. Visualising traffic using Wireshark
  5. GEOMAPPING traffic
  6. Network Forensic Tradeoffs
  1. HTTP Forensic Investigation
  2. NTP Protocol Investigation
  3. Wireless Protocol Analysis
  4. E-Mail Investigation and Protocol Analysis
  5. Investigating SSL traffics
  1. Understanding Implementation and Utilisation of Syslog Server and Services
  2. Understanding Event Anomalies
  3. Extracting and Parsing HTTP log Files
  4. Extracting and Parsing Firewall / Router and Switch Logs
  5. Log Analysis Tools and Techniques
  1. Detecting Malwares using sniffers
  2. Protocol Dissecting Malwares
  3. Detecting Netcat and Cryptcat Shells
  4. Malicious Web Shell Detection
  1. Identifying Encrypted Connection Behaviour
  2. Identification of Flow points for Encrypted Traffic
  3. Reverse Engineering Network Protocols
  4. Breaking the encrypted Protocols
  5. Mitigation and Analysis Strategies
  1. Online Banking Attacks
  2. Investigating STUXNET Virus
  3. Investigation FLAME and APT (Advanced Persistent Threat)
  4. Maintaining a healthy Detection Systems
  5. Limitations of IDS and IPS technology

Scroll to Top