SANS Institute
SANS - Computer Forensics and e-Discovery with Rob LeeSECURITY 558SECURITY 558
Course PDF
Course PDF
At the beginning of the day, we will discuss wireless access point investigations and then learn about techniques for presenting digital evidence in court. After lunch we will begin our Capstone case study. Students will participate as investigative teams, presented with a realistic scenario and a virtual network. You will identify sources or evidence, collect the evidence, reconstruct content, solve the crime, and present your analysis in "court."
- Topics - Day 4:
- Wireless access point investigations
- WAP log analysis
- WAP evidence acquisition
- Digital evidence court primer
- Capstone case study: Investigate a crime and present the evidence
- Work as part of an investigative team to:
- Examine IDS alerts and understand the attack
- Carve files out of IDS traffic captures
- Strategically plan and prioritize evidence Collection
- Gather evidence from network devices
- Work as part of an investigative team to:
- Wireless access point investigations
| SECURITY 558 Upcoming Events | |||
| Event | Location | Dates | Delivery Method |
| Community SANS Forensics DC 2010 | Alexandria, VA | Feb 22, 2010 - Feb 26, 2010 | Community SANS |
| SANS 2010 | Orlando, FL | Mar 06, 2010 - Mar 15, 2010 | Live Event |
GIAC Certification
"This is awsome! We're seeing details that most people don't even know exist" - John Wright, Info Tech, Inc.
"The class provided in-depth, real world, hands-on information" - Robert Dale Drollinger, General Dynamics
SANS Institute