Curso de Experto Investigador de Ciberdelitos de IFCI

Resumen

Protect your network - Put cybercriminals in jail. Learn computer forensics, malware analysis and hacker investigations.

What you'll learn:

Respond to cybercrime incidents, forensic acquisition, volatile memory acquisition, and live system analysis.Conduct full system computer forensic investigation, recover deleted files, carve data structures from unallocated space.Identify, extract, and analyze malware.Analyze data breach incidents to determine if and what data was stolen.Conduct volatile memory analysis using Volatility.Learn the history of cybercrime, how it intertwines with organized crime, is monetized, cyber espionage, cyber terror and nation state sponsored attacks.Learn hacker tactics, techniques, and procedures - and how to defend against them.Learn techniques to pursue cybercriminals across the globe.Testify as an expert witness against computer criminals.Take the exam and become a professional IFCI Certified Cybercrime Investigator (IFCI-CCI) What is the IFCI Cybercrime Investigator's Course? IFCI’s flagship training program is the IFCI-CCI (Cybercrime Investigator) Training course.

The IFCI-CCI teaches students the skills necessary to respond to all kinds of cybercrime incidents, from initial incident response and digital crime scene evidence acquisition to advanced forensic analysis and tracking International cybercriminals across the Internet. The main goal for this course is to empower the nation’s cyber investigators with the knowledge, skills and abilities to undertake and successfully carry out their own investigations.

This course is the first step for investigators to turn the tables on cyber criminals who are fleecing legitimate economies worldwide of billions of dollars every year. Some Course highlights include:

15 hands-on labs - devised of real world scenarios Analysis of Windows forensic artifacts Volatile memory analysis Network intrusion investigations Internet activity and email analysis Network traffic data analysis International cybercriminal profiling Attack vector identification Dynamic malware analysis Who Should Take this course?

Anybody whose job requires them to respond to cyber incidents, or anyone with an interest in cybercrime investigation, should take the IFCI-CCI training course. This course will help you by providing fast solutions to the following emergency situations:

Corporate Risk/Security - Intellectual Property Theft Case:

Your Research and Development Director quits and goes to work for a competitor.

Can you determine if he copied your company’s secrets to a USB drive to take with him? Police Investigations - Kidnapping Case:

A child is taken from his home at night and the family receives an email with a proof-of-life picture and ransom demand.

Can you extract IP addresses from the email headers to track the offender back to his location, or extract lat/long coordinates from the picture’s EXIF data to determine the exact location the picture was taken? IT Security Team - Rogue Malware Case:

You discover malware on an internal corporate computer but you don’t know what it does or why it’s there.

Can you analyze the malware, determine its capabilities, identify its target data, and destroy its data exfiltration file before your corporate proprietary information is lost? Federal Cyber Agent - Botnet Investigation Case:

You’ve tracked botnet malware back to a specific set of command and control servers, but what’s the next step?

Can you determine the server’s physical location in the world and research current and historical whois information? Are you able to research other malicious domains associated with the same IP address and track Command and Control proxy servers back to specific malicious actors?

E-Discovery Analyst - File access case:

You’ve recovered and indexed thousands of PDF files on a computer. One was flagged as key to the case and you are asked if the computer owner knew of and accessed this file.

Can you examine the Windows registry and link files to determine the exact time and date that specific users accessed individual files? Why take this course?

Cybercrime is epidemic. The headlines declare it daily:

2015 - SONY is devastated by an attack that destroys its internal systems, steals terabytes of private data, posts unreleased movies on Internet torrent sites, and humiliates corporate executives.

The cost to corporate image and revenue stream is uncountable. 2014 - Home Depot is hacked, losing an estimated 55 million credit cards to the cybercrime underground. 2013 - Russian Hackers steal 40 million credit cards from Target, resulting in approx $1 billion in losses to the company. 2012 - The Shamoon virus destroys nearly 30,000 Saudi Aramco Computers, temporarily shutting down one of the world’s largest corporations. 2011 - SONY data breach lost personal details and payment information for approximately 77 million customers, resulting in massive monetary loss and the temporary closure of the PlayStation Gaming Network. The corporations victimized in these situations were unprepared to respond to the attacks causing delayed investigations and reduced information flow to decision-making executives.

Eventually, they contracted out the investigations to high-priced consultants, whose investigative results were often too little, too late. IFCI-CCI’s mission is to provide our students the knowledge and skills necessary to respond to network attacks immediately, analyze the evidence, produce actionable cyber-intelligence, and implement it to shore up security vulnerabilities before they become massive breaches like those mentioned above.

There is a dearth of quality training in computer forensics, even less for hacker and malware focused investigations, and almost nothing that is available in a convenient online format that can be studied from the comfort of your own home, and fit to your own schedule. IFCI fills this void by providing the finest cybercrime investigation training in the world, created and delivered by some of the world’s foremost experts in their field, and streamed directly to any Internet-connected device you choose to employ.

Programa

• Introducción a la Investigación del Cibercrimen
Visión General del Cibercrimen
Rol de un Investigador de Cibercrimen
Consideraciones Legales y Éticas
• Conceptos Fundamentales del Cibercrimen
Tipos de Cibercrimen
Herramientas y Técnicas Comunes del Cibercrimen
Comprensión de la Mentalidad de los Ciberdelincuentes
• Proceso de Investigación del Cibercrimen
Planificación y Estrategia Inicial
Identificación y Recolección de Evidencia
Uso de la Informática Forense
• Manejo de Evidencia Digital
Cadena de Custodia
Asegurando la Integridad de la Evidencia
Herramientas para la Recuperación de Evidencia
• Seguridad de Redes y Sistemas
Comprensión de la Arquitectura de Redes
Identificación de Vulnerabilidades de Seguridad
Ataques Comunes a Redes y Contramedidas
• Técnicas de Investigación
Investigación en Línea e Inteligencia de Fuentes Abiertas (OSINT)
Ingeniería Social y Análisis del Comportamiento
Rastreo de Huellas Digitales
• Marcos Legales e Informes
Comprensión de las Leyes Relevantes de Cibercrimen
Redacción de Informes de Investigación Efectivos
Presentación de Evidencia en Procedimientos Legales
• Estudios de Caso y Ejercicios Prácticos
Análisis de Casos Reales de Cibercrimen
Realización de Investigaciones Simuladas
Experiencia Práctica con Herramientas de Investigación
• Tendencias Emergentes y Desafíos Futuros
Nuevas Tecnologías y Cibercrimen
Análisis Predictivo e Inteligencia de Amenazas
Mantenerse Actualizado con las Mejores Prácticas de la Industria
• Certificación y Aprendizaje Continuo
Preparación para el Examen de Certificación
Oportunidades para Entrenamiento Avanzado
Recursos para la Educación Continua y Participación en Comunidad

---

Impartido por

Brian Hussey

---

Materias

Information Security (InfoSec)