Digital Evidence Specialist

  • Course Duration6 months
  • Next batch Starts1 Jan 2021
  • Course FeeINR 10,000 + GST

Digital Evidence Specialist

Digital Evidence is needed in around 85% of criminal investigations. There are 85+ sources of digital evidence - from alternate data streams & bitcoin wallets to virtual machines and web server logs.

Become an expert in presenting digital evidence in court - bitcoin, emails, IoT devices, laptops, networks, servers, smartphones, websites and more.

Eligibility:
Graduate in any discipline.

Assessments:
  • Case studies & multiple choice questions
  • 100 mark online exam
  • Score at least 70% to pass

Did you know?

  • Data collected from a smartwatch worn by a 57-year old Australian murder victim led to the arrest of her daughter-in-law. (Details)

  • Data recorded in Apple's Health App led to the conviction of a murder suspect. The data showed that the suspect was climbing stairs and this was correlated to him dragging his victim down a riverbank and climbing back up. (Details)

  • US law enforcement used Fitbit data to charge a man with the murder of his wife. (Details)

  • Amazon Echo data is being used in a US murder trial. (Details)

  • A 59-year old American was indicted for arson and insurance fraud based on evidence from his pacemaker (artificial heart implant). (Details)

  • According to the European Commission, more than half of all investigations today involve a cross-border request to access electronic evidence. Electronic evidence is needed in around 85% of criminal investigations. (Source)

This course is perfect for:

  • Legal Team members
  • Fraud Control professionals
  • Digital Evidence First Responders
  • Incident response specialists
  • Information Security professionals
  • Forensic laboratory managers

This topic covers the fundamentals of Digital Evidence and covers several cases that involve digital evidence.

Introduction to Digital Evidence

  • Cases of Digital Evidence
  • Intro to Digital Evidence

Digital Evidence Law

  • Sec 65B of Indian Evidence Act
  • Importance & types of evidence
  • How to present evidence in court
  • Section 65 v 65B
  • Deleted message as evidence
  • Documentary evidence without the originator
  • Anwar Vs. Basheer case

Digital Evidence Standards

  • ISO Standards
  • Forms and documents

Presenting Digital Evidence in Court

  • Presenting a website in court
  • Presenting an email in court
  • Using ASCL 65B Generator

This module covers 85+ sources of digital evidence, It also provides access to the ASCL 65B Generator for generating certificates under section 65B of the Indian Evidence Act, 1872 for each of these sources of digital evidence.

Digital Evidence from Emails

  • Email header & body
  • Gmail account
  • Yahoo account

Digital Evidence from Web usage

  • Application Proxying Firewall
  • Audio & Video data
  • Instant Messaging Application
  • Digital Signature
  • Digital Signature Certificate
  • Chrome browser
  • Google service
  • Group Chat Application
  • Mozilla browser
  • Safari browser
  • Monitoring and filtering services
  • Web proxy server
  • Web server

Digital Evidence from Network Traffic

  • Client / Server Application
  • Host IDS
  • DHCP servers
  • Firewalls and routers
  • IP address
  • ISP records
  • MAC addresses
  • Network Forensic Analysis Tools
  • Network IDS
  • Network Monitoring Software
  • Packet sniffers
  • Protocol Analyzers
  • Proxies
  • Remote Access Servers
  • Security Event Management software
  • SSID
  • ARP Cache

Volatile Digital Evidence from Operating Systems

  • Login Sessions
  • Network Configuration
  • Network Connections
  • Open Files
  • Operating System Time
  • RAM dumps
  • Running Processes

Non-Volatile Digital Evidence from Operating Systems

  • Access Control List
  • Application Events Logs
  • Application Files
  • Audit Records Log
  • Command History Log
  • Data Files
  • Dump Files
  • Hibernation Files
  • Log of recently accessed files
  • Password Files
  • Scheduled Jobs
  • Swap Files
  • System Events Logs
  • Temporary Files
  • Users and Groups

Digital Evidence from Files

  • Free Space
  • Slack Space
  • Alternate Data Streams
  • Bit Stream Images
  • Deleted Files
  • File Modification, Access, and Creation Times
  • Logical backups

Digital Evidence from Applications

  • Audit Logs
  • Config settings in source code
  • Settings in Config Files
  • Config settings in Runtime Options
  • Data Concealment Tools
  • Debugging Logs
  • Error Logs
  • Event Logs
  • Installation Logs

Digital Evidence from smartphones

  • Approximate location tracker apps
  • Calendar reading apps
  • Contact list reading apps
  • Exact location tracker apps
  • Health apps
  • IMEI
  • IMSI
  • Listening apps
  • Phone log reading apps
  • SMS message reading apps
  • Viewing apps

Digital Evidence from Bitcoin

  • Bitcoin addresses
  • Bitcoin transactions
  • Bitcoin wallets

Digital Evidence from IOT devices

  • Amazon Alexa
  • Drones