Each apprentice has a computer with virtual machines to investigate.
Several Hands on exercices.
The course also embeds feedback from Thales experience on Cybersecurity tools, devices, projects and solutions.

After the course, the students know :

• Juridical aspects and Forensic investigation rules
• Common Forensic investigation methods
• Techniques to recover information
• Techniques to analyse information
• Investigation, recovery and analyse tools
• Common hardening rules to apply
• Best practices to interact with qualified Organizations

Goals and interests

• Recent Forensic investigation examples
• Investigation processes
• Juridical aspects of Forensic investigation

Malwares awareness

• Overview of Malwares in our IT system
• Analysis of a compromised system by a malware

Structuring and Acquisition of data

• Comprehension of system files
• Comprehension of hard drive topology
• Starting processes of Windows / Linux / Macintosh
• Best Practices about acquisition methods of data
• Data Acquisition and duplication
• Recovery of deleted data

Windows Forensic

• Methods and tools for Forensic investigation
• Forensic analysis
• Investigation on events / logs
• Investigation on network traffic / Router Forensic
• Tools and applications Forensic
• Steganography / Image files Forensic
• Memory analysis on Windows system