Date/TimeDate(s) - Wed, Oct 06, 2021 - Fri, Oct 08, 2021
Belkasoft Evidence Center Certification (BEC) Course
The Belkasoft Evidence Center Certified Examiner course is designed to provide local/federal law enforcement, military investigative personnel, and private sector security professionals training on the knowledge and skills required to:
- Forensically acquire digital evidence from computer-based storage and mobile devices
- Analyze artifacts from all major operating systems on server-grade, desktop, and mobile-based platforms
- Draft effective reports on pertinent findings
Through lecture, instructor-led demonstrations, and practical exercises the Belkasoft course will prepare participants to identify, acquire, analyze and report on electronic/mobile artifacts utilizing the BEC platform. During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.
|Module 1 – Introduction||1 Hour||The BEC Certificate Course introduction will provide a brief history of Belkasoft followed by overview of course logistics enabling instructors and students to become familiar with one another and their professional experiences in digital forensics.|
|Module 2 – BEC Overview||2 Hours||Students will receive a comprehensive overview of the BEC platform, focus, and core competencies.|
|Module 3 – BEC Interface||2.5 Hours||Instructors will guide students through the BEC user interface, controls, windows, and menus to implement familiarity with the platform in preparation for practical exercises.|
|Module 4 – BEC Workflow||3.0 Hours||Students will become familiar with the BEC workflow required to manage cases, acquire digital evidence, prepare the platform for efficient forensic analysis, and draft effective reports on findings.|
|Module 5 – Search Techniques||4.0 Hours||Students will learn how to leverage BEC platform tools and features to conduct efficient searches on digital evidence artifacts using keywords and advanced expressions.
Students will also learn effective bookmarking techniques and how to export pertinent data from the BEC environment for subsequent analysis with 3rd party tools.
|Module 6 – Multimedia Analysis||3.0 Hours||Instructors will guide students on tools and techniques within the BEC platform to forensically analyze digital multimedia to discover artifacts (such as Geotag, EXIF) pertinent to an ongoing case. Students will also learn how to properly handle illicit images in preparation for reporting.|
|Module 7 – Advanced Analysis||3.0 Hours||Students will learn how to utilize BEC to analyze RAM data, detect encrypted files, discover Internet-based evidence, and carve data from unallocated space or embedded documents (Ex: MS Word)|
|Module 8 – BEC Reporting||1.0 Hour||Instructors will guide students on the importance of reporting and techniques on how to utilize the BEC platform to create effective forensic reports on findings.|
|Module 9 – BEC Certification Exam||3.0 Hours||Students will be required to complete a final exam consisting of written questions and practical skills assessments to demonstrate required capability on the BEC platform.|
The BEC certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on BEC functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.