InfraGard NCR is excited to announce our the launch of our CYBERcamp for adults.  Come join us for an enlightening opportunity to learn more about cybersecurity.

CYBERcamp for Adults is taught in four sessions.  The schedule for 2021 is:

  • Session 1: October 7, 2021

  • Session 2: October 21, 2021

  • Session 3: November 4 2021

  • Session 4: November 18, 2021

COST  $499

**Requests for refunds will be reviewed on a case-by-case basis.  

TECHNOLOGY REQUIREMENTS

  • A computer, microphone and speakers (and webcam if students wish to visually participate).  

  • An internet connection that allows for videoconferencing is needed.

  • This series will include instructor demonstrations, but is not intended to be hands-on for students.  Therefore, no special hardware or software is required.

CAMP APPLICATION

Please register here:  https://attendee.gotowebinar.com/register/8414719035771100688

Detailed Agenda:

Session 1: Intro To Forensics (3 hours)
 
Data, Security, and Privacy Intro

  • What sort of information do we want to protect on a personal and professional level (e.g. family photos, location history, financial, medical, etc)

  • Who is collecting this information? What can they do with it?

  • Where does it reside? Locally, LAN, WAN, cloud?

  • Who are we protecting the data from?

  • What the baddies do (mass phishing --> Advanced Persistent Threat / State Actor)

 
Introduction to Forensics:  

  • What is forensics, how is it different from incident response or legal e-discovery, or security monitoring or surveillance? 

  • What would organizations need to do to be “ready” to investigate a policy violation, respond to a litigation hold, or assess the damage from a security or privacy incident?

  • Cyber Insurance: what do the cover, what are the exemptions what is not covered? What can reduce your premiums?

  • How does digital forensics fit into criminal investigations, internal investigations, civil legal disputes, risk management, or the cyber incident response cycle?

  • What do you need to do now, to be ready in case any of these scenarios happens?

 
Putting it all together:

  • Personal vs corporate forensics/security

  • Automation as force for good and evil

  • Intrusion detection

  • Incident response

 
Session 2: Computers, Operating Systems, and File Systems (illustrated with Windows). (3 hours)
 
What are the basic parts and functions of a computer? 

  • Processor: ALU and CPU

  • Storage: registers, memory, persistent storage media

  • Firmware and Software:

    • ​POST on CMOS

    • Operating System

    • Applications

 
What are the general parts and function of an operating system (using Windows as an example).

  • Kernel, Memory management, etc...

  • Pagefile, hyberfil

  • Volume Shadow copy and system restore

  • Microsoft Compatible File systems NFTS, FAT, ExFAT

  • File system journals, $logfile, $UsnJrnl,

  • How to choose the right file system for the task at hand

  • NTFS alternate data streams

  • HDD data recovery and data carving

  • Bitlocker  encryption basics

 
Session 3: Windows Artifacts, Applications, and File Metadata (3 hours)
 
Artifact Basics: examples of the artifacts in different places.  Illustrate and show artifacts with free or open source tools or Windows utilities.

  • Windows registry

  • Event logs

  • Prefetch

  • “Other Forensic Artifacts”: MRU, ShellBags,

  • Volume Shadow Copies

  • File headers and extensions

  • File metadata from Applications:

  • EXIF

  • Office Metadata

  • Photoshop

  • Acrobat/PDFs

 
Session 4: Network and Internet Artifacts Found on Computers (3 hours)
 

Networks and Computer Related Artifacts:

  • Remote Desktop

  • Email

  • Application data (i.e. browser history, messaging apps, location data)

  • Private mode is not

  • DNS cache

  • Firewall logs

  • Volatile connection Data

  • Wireless networks

  • Connected devices