Network Investigative Techniques Course
|Session(s)||Location||Start date||End date|
|$ 1,825.00||$ 1,140.00||$ 841.44||$ 3,806.44|
|$ 2,600.00||$ 1,140.00||$ 841.44||$ 4,581.44|
This course provides the knowledge and skills to complete searches, seizures and investigations of small, Windows-based computer networks. In this course, students learn to collect information, develop a plan and anticipate on-site needs before investigating a computer network. Students learn effective coding techniques to ensure the continuity of evidence, to identify location, allow investigators to document the chain of possession, and to identify items in court.
Format and delivery
Length of course: 10 days
Class size: maximum 20 students
Delivery setting: theoretical and practical components are done in a computer laboratory.
- Knowledge of legal issues relevant to network investigations.
- Understanding how to formulate a structured approach for investigating a computer network.
- Knowledge of the physical devices found on a network.
- Ability to physically and logically map a computer network.
- Understanding how to identify and locate sources of evidence on networked devices.
- Understanding how to prioritize evidence found on networked devices.
- Understanding how to perform a triage of evidence obtained from a network.
- Knowledge of coding and inventory issues relevant to network investigations.
- Understanding users of interest on a network.
- Understanding how to identify files and folders that specific users are able to access.
- Understanding how to seize configuration settings and log files from both wired and wireless routers.
- Understanding how to seize user and server configuration settings and log files from servers.
- Understanding how to seize files and directories from servers and mass storage devices.
- Understanding how to identify the source of Virtual Private Servers data and the methods of acquiring its digital evidence.
- Understanding techniques used to capture email from a Microsoft Exchange Server.
Eligibility and mandatory requirements
- This course is offered police and law enforcement officers.
- Registrants must have completed: the Computer Forensic Examiners (CMPFOR) course and the CompTIA Network+ exam; or the Stanford Lagunita online course "Introduction to Computer Networking".
- Acceptance or refusal in the course is at the discretion of the Canadian Police College.
- Success in the course is based on participation and completion of all required assignments.
- Various evaluation methods are used, including an assessment of a practical scenario, an assignment, quiz, final written exam, and final practical exam.
- Re-testing or re-evaluation is conducted at the discretion of the course instructor.
- For more details or other information about the course, please email firstname.lastname@example.org.
- Date modified: