Home » Education » Course Catalog » Digital Forensics: Advanced

Digital Forensics: Advanced

Certificate Eligibility: 
DAS
Credits: 
5 ARC, 0.75 CEUs
Length: 
1 day
Format: 
In-Person
Max Attendees: 
35
Tier: 
Tools and Services
ACE Category: 
Description: 

Students will build on work done in FRN1 and move from discussion to the application of digital forensics concepts to archival processes. This course delves deeper into the layers of hardware and software that enable bitstreams on digital media to be read as files. Further, this course will explore the roles and relationships among these layers, as well as tools and techniques for ensuring the completeness and evidential value of data. During this course, students will think about and describe digital forensic archival workflows. Students will engage with tools that support these workflows and examine the impact of tools and workflows on archival practice. Students will experience using tools, software, and workflows. This course includes a discussion and provides examples of granting users access to forensic-captured and preserved data. 

This course will consist of hands-on activities and require participants to bring sample data or use supplied sample data for those activities. Tools used in these activities include various operating systems command lines, BitCurator VMs, disk imaging software, and others. Participants will need either admin access to a pc or a Mac. They should ensure that their chosen computer can handle the installation and operations of Oracle VirtualBox. Downloads, User Guides, and installation information are available from: virtualbox.org

Learning Outcomes: 
Explain the roles and relationships between the main layers of technology required to read a string of bits off of a physical storage medium and treat it as a file
Identify various forms of data that may be "hidden" on the physical storage medium
Use write blockers and create disk images in order to prevent accidental manipulation of volatile data
Identify and extract the data that a file system uses to manage files
Apply digital forensics tools and methods to collections of records
Identify and compare alternative strategies for providing public access to data from disk images
Who Should Attend: 

Archivists, manuscript curators, librarians, and others who are responsible for acquiring or transferring collections of digital materials, particularly those that are received on removable media

What You Should Already Know: 

Participants are expected to know basic archival practice and have intermediate knowledge of computers and digital records management. Participants should have some familiarity with virtual machines and the command line.

DAS Core Competency: 
1. Explain the nature of digital records and their lifecycle.
3. Formulate strategies and tactics for appraising, acquiring, describing, managing, organizing, preserving, and delivering digital archives.
4. Incorporate technologies throughout the archival lifecycle.
6. Employ standards and best practices in the management of digital archives.
7. Design a defined set of services for designated community.
Instructor(s): 
Joshua Kitchens
Jessica Farrell
Reviews: 
"Understanding the underlying structure of data and BitCurator's role in data triage and digital forensics was thorough and greatly informative. Seeing both the small and big picture helped a lot."
"The hands-on experience working with BitCurator was really very valuable. While learning the computer science behind the forensics is a necessary basis, I really take these courses to learn how this is applicable to MY daily job. Especially with someone like Cal Lee there to offer first-hand instruction with the software, this was easily one of the most beneficial DAS courses I've taken."
"The ethical discussions at the end of the course were excellent. It allowed us to sink our teeth into what we had learned and discuss real world application. It was very useful to be introduced to the variety of tools available for download and to learn how we might use them."
Host a Course:

Interested in hosting a course? Visit our Host a Course page for information on what is required and how to apply!

Education

Subscribe to Education eNews

Want to keep up-to-date on the latest course offerings? Sign up for our Education eNews updates for education insiders!