top of page

InfraGard NCR is excited to announce our the launch of our CYBERcamp for adults.  Come join us for an enlightening opportunity to learn more about cybersecurity.

​

CYBERcamp for Adults is taught in four sessions.  The schedule for 2021 is:

  • Session 1: October 7, 2021

  • Session 2: October 21, 2021

  • Session 3: November 4 2021

  • Session 4: November 18, 2021

​

COST  $499

**Requests for refunds will be reviewed on a case-by-case basis.  

​

TECHNOLOGY REQUIREMENTS

  • A computer, microphone and speakers (and webcam if students wish to visually participate).  

  • An internet connection that allows for videoconferencing is needed.

  • This series will include instructor demonstrations, but is not intended to be hands-on for students.  Therefore, no special hardware or software is required.

​

CAMP APPLICATION

Please register here:  https://attendee.gotowebinar.com/register/8414719035771100688

​

Detailed Agenda:

​

Session 1: Intro To Forensics (3 hours)
 
Data, Security, and Privacy Intro

  • What sort of information do we want to protect on a personal and professional level (e.g. family photos, location history, financial, medical, etc)

  • Who is collecting this information? What can they do with it?

  • Where does it reside? Locally, LAN, WAN, cloud?

  • Who are we protecting the data from?

  • What the baddies do (mass phishing --> Advanced Persistent Threat / State Actor)

 
Introduction to Forensics:  

  • What is forensics, how is it different from incident response or legal e-discovery, or security monitoring or surveillance? 

  • What would organizations need to do to be “ready” to investigate a policy violation, respond to a litigation hold, or assess the damage from a security or privacy incident?

  • Cyber Insurance: what do the cover, what are the exemptions what is not covered? What can reduce your premiums?

  • How does digital forensics fit into criminal investigations, internal investigations, civil legal disputes, risk management, or the cyber incident response cycle?

  • What do you need to do now, to be ready in case any of these scenarios happens?

 
Putting it all together:

  • Personal vs corporate forensics/security

  • Automation as force for good and evil

  • Intrusion detection

  • Incident response

 
Session 2: Computers, Operating Systems, and File Systems (illustrated with Windows). (3 hours)
 
What are the basic parts and functions of a computer? 

  • Processor: ALU and CPU

  • Storage: registers, memory, persistent storage media

  • Firmware and Software:

    • ​POST on CMOS

    • Operating System

    • Applications

 
What are the general parts and function of an operating system (using Windows as an example).

  • Kernel, Memory management, etc...

  • Pagefile, hyberfil

  • Volume Shadow copy and system restore

  • Microsoft Compatible File systems NFTS, FAT, ExFAT

  • File system journals, $logfile, $UsnJrnl,

  • How to choose the right file system for the task at hand

  • NTFS alternate data streams

  • HDD data recovery and data carving

  • Bitlocker  encryption basics

 
Session 3: Windows Artifacts, Applications, and File Metadata (3 hours)
 
Artifact Basics: examples of the artifacts in different places.  Illustrate and show artifacts with free or open source tools or Windows utilities.

  • Windows registry

  • Event logs

  • Prefetch

  • “Other Forensic Artifacts”: MRU, ShellBags,

  • Volume Shadow Copies

  • File headers and extensions

  • File metadata from Applications:

  • EXIF

  • Office Metadata

  • Photoshop

  • Acrobat/PDFs

 
Session 4: Network and Internet Artifacts Found on Computers (3 hours)
 

Networks and Computer Related Artifacts:

  • Remote Desktop

  • Email

  • Application data (i.e. browser history, messaging apps, location data)

  • Private mode is not

  • DNS cache

  • Firewall logs

  • Volatile connection Data

  • Wireless networks

  • Connected devices

​

bottom of page