Live Analysis Workshop

Course detail

Program area: Technological crime

Course code: LAW

Course registration details
Session(s) Location Start date End date
no data- no data- no data- no data-
Tuition Accommodation Full Meals Total
no data$ - no data$ - no data$ - no data$ -


  • Accommodations include arrival of student the night before course start date.
  • Cost is based on the Single room with a shared bathroom priced at $ 95.00/night
  • Travel grant funding may be available (for non-federal police agencies only)


This course is offered to technological crime investigators who may be required to seize and/or analyze system information or memory contents from live computers.

It provides students with confidence in seizing volatile data from live computer systems and the necessary skills to perform a basic analysis of the seized data. Memory structures along with the different types of system information available on live computers is covered along with the proper methodology and techniques for seizing memory and system information. Students learn techniques for extracting images, passwords, chat logs, documents, and other artifacts from volatile data. In addition, the course looks at the basic interpretation and analysis of live system information.

Format and delivery

Length of course
5 days
Class size
maximum 20 students
Delivery setting
computer classroom

Learning outcomes

Eligibility and mandatory requirements



For more details or other information about the course, please email

Date modified: