***MOBILE DEVICE FORENSICS: ONLINE COURSE AND CERTIFICATION****
The IACIS Online Mobile Device Forensics Training Program is a 36-hour course of instruction being offered online. Upon completion, students have the opportunity to take the online Mobile Device Certification exam at no additional charge.
The program is designed to provide students with intermediate to advanced skills to analyze and interpret data during cell phone investigations. This course goes behind the popular tools currently in use to reveal the sources of cell phone data used to store evidence. At the completion of the course students will be confident in knowing they can gather and explain all data they have located during their examinations. Students should have some experience in conducting cell phone examinations.
Topics include but are not limited to:
- Acquiring file system and physical images from phones, to include handling and procedures for locked devices
- Students will learn how to acquire cell phone data, and the different types of techniques to obtain the most relevant data.
- There is some usage of command line to conduct the practicals. The commands are explained in detail; however, some students may find previous command line experience helpful.
- Students will learn through hands-on exercises how the file systems are laid out in both iOS and Android, allowing them to find the data they are looking for quickly and be able to interpret it. This knowledge will carry over to new releases of the operating systems ensuring students can continue to stay current.
- Validating data obtained from forensic tools, including data that tools miss.
- Students will learn advanced third-party application analysis to interpret, recognize and decode artifacts stored by these applications.
- Flash Memory, NAND Ram Architecture and learn how cell phones store their data at the physical level.
- Obtaining and processing iOS backup files, including manual decoding, parsing and cracking of encrypted backup file images.
- Viewing and interpreting iOS files such as plists to obtain valuable evidence.
- Students will learn to use ADB and manually extract data from an Android device for those times when a commercial tool is unable to.
- Students will learn about using python scripts and how to use them to enhance the data they can obtain during their examinations including manual application use of the queries.
- Understand how SQLite databases function and how the data is stored, including how to use simple queries to manually parse the data.
CERTIFICATION: Completion of the online MDF course entitles each member to one attempt at the ICMDE Certification process. The online certification cycle starts at the same time as the online class and is six months long. The attempt must be completed within that time frame. For example, if the online MDF course starts 10/1/2025, the course must be completed by 12/31/2025 and certification must be completed by 3/31/2026.
REGISTRATION:
THE MDF ONLINE TRAINING FOR 4/1/2025 – 6/30/2025 WILL NOT BE OFFERED DURING THAT PERIOD. WE WILL BE UPDATING CONTENT. PLEASE COME BACK TO REGISTER FOR THE 7/1/2025 – 9/30/2025 CYCLE IN APRIL 2025. DO NOT ADD YOURSELF TO THE WAITLIST.
Existing IACIS members simply log in with your credentials and go to the products page to purchase and register for the course.
For non-IACIS members, the membership fee is waived with the purchase of the training course; however, to register for the course you must complete a membership application at the time of purchase.
Apply for membership and purchase the course on the PRODUCTS PAGE
COST: $995 US Dollars
PAYMENT MUST BE RECEIVED PRIOR TO THE START OF THE ONLINE TRAINING. All online cycles must be started and completed within the active course cycle completion dates. Students who fail to complete course exercises within the specified timeframe will be removed from the process and he/she will forfeit any fees paid. Under certain circumstances students with an identified hardship may request to be transferred to the following online training cycle. To qualify for this request, the student must notify the course administrator (onlinetraininghelp@iacis.com) a minimum of 30 days before the end of the class cycle. This type of request will be granted on a limited basis and only as a one (1) time transfer. There will be no refunds issued to students who fail to start or complete the online training cycle.
Software needed by students for the class:
TWRP 3.0
ODIN 3.10.7
ADB-1.4.2
Netcat-win 32-1.12
Hashcat 4.0.1
Strawberry Perl 5.26.2.1
Plist Editor Pro
Elmcomsoft Phone Breaker
Python – 2.7.9 or 2.7.11 or 3.5.1
SIM card data
Zimmerman Hasher
Time Lord
SQLite Studio
7zip
SQ Lite Browser
Sanderson SQLite Studio,Binary Plist Decoder, Date Decoder
Minimal ADB fastboot DB Browser3.10.1
Plist Explorer
