• Classroom
Course Description

Traditional forensics professionals use fingerprints, DNA typing, and ballistics analysis to make their case. Infosec professionals have to develop new tools for collecting, examining and evaluating data in an effort to establish intent, culpability, motive, means, methods and loss resulting from e-crimes.

Part 1 of this course on cyber forensics, will introduce the course participant to data, the primordial building blocks of information as we know it and how specific data evolve, eventually into evidential matter.

We start small, in fact very small . . . bits and bytes small, explaining the origins of data and progressing onward, addressing concepts related to data storage, boot records and partitions and how each of these are interrelated and essential in the understanding of the process and methodology, of a cyber-forensic investigation.

Learning Objectives

After completing this seminar, participants will be able to:

  • Recognize the fundamental building blocks of data.
  • Differentiate between how data are stored, arranged, calculated and presented in human-readable form.
  • Identify how data are converted from binary to decimal format.
  • Interpret the dependency and linkage of hexadecimal notation and the relationship to cyber forensics.
  • Define the Master Boot Record and its role in cyber forensic data analysis.
  • Comprehend the meaning and role of endianness in data representation and storage.
  • Explain the role and function of the partition table.

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.