Date/Time
Date(s) - Mon, Jan 01, 2024 - Tue, Dec 31, 2024All Day
Location
ONLINE Class
REGISTER HERE: ONLINE COURSE
BEC 302 – Advanced Mobile Investigations
As a proven industry leader, Belkasoft has remained at the forefront of innovation when forensically acquiring mobile device data, while safely bypassing security constraints using the latest advanced techniques.
This course will provide you with the knowledge and preparation to use the Belkasoft X forensic software to conduct advanced acquisitions and complete an in-depth analysis of iOS and Android mobile device digital evidence to include:
iOS Advanced Acquisitions
- Acquisition with lockdown file
- Agent based Full File System acquisition
- Jailbroken device acquisition
- Checkm8 based device acquisition
iOS Advanced Analysis
- Full File System Features – Data not included with an iTunes Backup
- Keychain
- System Artifacts – Knowledge C and Location Data
- Third Party Apps – SQLite databases and Plist files
Android Advanced Acquisitions
- Agent Backup acquisition
- APK Downgrade acquisition
- File System Copy acquisition
- Physical acquisition
Android Advanced Analysis
- Full File System Features – User profiles, Encryption, and Keystore
- System Artifacts – Passwords, Account Information, and System Settings
- Third Party Apps – SQLite databases and XML files
Modules:
- Introduction 1 Hour
- Advanced iOS Device Acquisitions 2 Hours
- Advanced iOS Analysis 3 Hours
- Advanced Android Device Acquisitions 2 Hours
- Advanced Android Analysis 3 Hours
- Final Practical 3 Hours
This course is meant for intermediate to advanced users. Although not required, BEC 301 should be completed prior to taking this course, or the participant should be proficient with the use of the BEC X forensic software.
The BEC 302 course design, objectives, practical exercises, and scenarios are written based on over twenty years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live mobile devices involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.