Home > Workforce Development Center > Customized Training and Boot Camps > CCE BootCamp > Agenda

Agenda: Official Certified Computer Examiner (CCE) BOOTCAMP®

Course Outline

Module 1:

  • Overview of digital forensics
  • Types of digital evidence
  • Legal and ethical issues
  • Computer forensics exams
    • Preparation and reporting
    • Computer hardware
    • Disk drive terms and concepts
    • The boot process and operating systems
    • Base systems and character codes
    • Disk partitions and drive lettering
    • The FAT file system
    • Detailed exam of a floppy disk

Module 2:

  • The FAT file system, continued
    • Root Directory special issues
  • Volume name
  • Where is the end of a directory listing
    • Fragmented files
    • MAC times: storage, meaning, and determining when a computer was last used
    • Long file names
    • Recovering a file by rebuilding the FAT
    • Subdirectories
    • Formatting a Drive

Module 3:

  • NTFS
    • Overview
    • Master File Table
    • Attributes
    • NTFS times
    • Alternate data streams
    • File encryption
    • Runlists
    • Directories
    • The recycle bin

Module 4:

  • Building a forensic boot disk
  • The Windows registry
  • Windows swap and temporary files
  • File signatures
  • Networking components
  • The Internet and TCP/IP
  • Working with Web browsers
  • Metadata
  • FTK (AccessData)
  • Examining CD-ROM media
  • Password-protected files and other data hiding techniques

Module 5:

  • Determining file types
  • Formats of common files
  • File compression
  • Disk compression
  • Defining the deliverable
  • Work product
  • Documentation
  • Testimony

For more information, contact Cathy Brotzman, toll-free (866) 531-9666, or in VT (802) 865-5471 brotzman@champlain.ed

Regsiter Now!

CCE BootCamp Authorized Training Center