***MOBILE DEVICE FORENSICS: ONLINE COURSE AND CERTIFICATION****
The IACIS Online Mobile Device Forensics Training Program is a 36-hour course of instruction being offered online. Upon completion, students have the opportunity to take the online Mobile Device Certification exam at no additional charge.
The program is designed to provide students with intermediate to advanced skills to analyze and interpret data during cell phone investigations. This course goes behind the popular tools currently in use to reveal the sources of cell phone data used to store evidence. At the completion of the course students will be confident in knowing they can gather and explain all data they have located during their examinations. Students should have some experience in conducting cell phone examinations.
Topics include but are not limited to:
- Acquiring file system and physical images from phones, to include handling and procedures for locked devices
- Students will learn how to acquire cell phone data, and the different types of techniques to obtain the most relevant data.
- There is some usage of command line to conduct the practicals. The commands are explained in detail; however, some students may find previous command line experience helpful.
- Students will learn through hands-on exercises how the file systems are laid out in both iOS and Android, allowing them to find the data they are looking for quickly and be able to interpret it. This knowledge will carry over to new releases of the operating systems ensuring students can continue to stay current.
- Validating data obtained from forensic tools, including data that tools miss.
- Students will learn advanced third-party application analysis to interpret, recognize and decode artifacts stored by these applications.
- Flash Memory, NAND Ram Architecture and learn how cell phones store their data at the physical level.
- Obtaining and processing iOS backup files, including manual decoding, parsing and cracking of encrypted backup file images.
- Viewing and interpreting iOS files such as plists to obtain valuable evidence.
- Students will learn to use ADB and manually extract data from an Android device for those times when a commercial tool is unable to.
- Students will learn about using python scripts and how to use them to enhance the data they can obtain during their examinations including manual application use of the queries.
- Understand how SQLite databases function and how the data is stored, including how to use simple queries to manually parse the data.
CERTIFICATION: Completion of the online MDF course entitles each member to one attempt at the ICMDE Certification process. The attempt must be completed within the time frame of your online cycle. Each online class cycle is three months; a fourth month is allowed for testing.
WHEN: Sales for the online Mobile Device Forensics and Windows Forensic Examiner classes will not be offered for the January 2023 or the April 2023 cycles. IACIS trainers are in the process of conducting necessary maintenance on the Moodle server and updating the content for each of the two classes. Both online classes will be offered again for sale on April 1 2023 for the July – September cycle. We apologize for any inconvenience this may cause.
REGISTRATION:
Existing IACIS members simply log in with your credentials and go to the products page to purchase and register for the course.
For non-IACIS members, the membership fee is waived with the purchase of the training course; however, to register for the course you must complete a membership application at the time of purchase.
Membership for existing members who pay for the course will be waived for 2023. Non-IACIS members will receive membership from 10/1/22-12/31/2023.
Apply for membership and purchase the course on the PRODUCTS PAGE
COST: $995 US Dollars
PAYMENT MUST BE RECEIVED PRIOR TO THE START OF THE ONLINE TRAINING. All online cycles must be started and completed within the active course cycle completion dates. Students who fail to complete course exercises within the specified timeframe will be removed from the process and he/she will forfeit any fees paid. Under certain circumstances students with an identified hardship may request to be transferred to the following online training cycle. To qualify for this request, the student must notify the course administrator (onlinetraininghelp@iacis.com) a minimum of 30 days before the end of the class cycle. This type of request will be granted on a limited basis and only as a one (1) time transfer. There will be no refunds issued to students who fail to start or complete the online training cycle.
Software needed by students for the class:
TWRP 3.0
ODIN 3.10.7
ADB-1.4.2
Netcat-win 32-1.12
Hashcat 4.0.1
Strawberry Perl 5.26.2.1
Plist Editor Pro
Elmcomsoft Phone Breaker
Python – 2.7.9 or 2.7.11 or 3.5.1
SIM card data
Zimmerman Hasher
Time Lord
SQLite Studio
7zip
SQ Lite Browser
Sanderson SQLite Studio,Binary Plist Decoder, Date Decoder
Minimal ADB fastboot DB Browser3.10.1
Plist Explorer
