• Home
• Our Firm
• Areas of Practice
  • Impaired Driving
  • Drug Offences
  • Sexual Offences
  • Homicide
  • Theft and Fraud
  • Spousal Assault
  • Other Assaults
• Computer Forensics
  • Computer Forensics Overview
  • Legal Issues in Computer Forensics
  • Our Forensics Training
  • Our Services
• In Court
  • First Appearance
  • Pleading
  • Court Process
• Contact Us

Our Forensics Training

Neutrino - Mobile Phone Forensics - Los Angeles California

• overview of mobile phone networks
• how to identify mobile phones
• how to work with various service providers
• proper seizure techniques
• a detailed understanding of all componets that make up EnCase Neutrino
• acquire data from mobile phones
• acquire and examine SIM cards
• examine the data that they have acquired
• learn how to create logical evidence files with EnCase Neutrino
• an overview of mobile phone data storage
• how to use conditiona in EnCase Neutrino
• how to report their findings

Advanced Internet Examinations – Washington DC

• the history, operation and artifacts associated with peer-to-peer file-sharing applications such as BitTorrent™, LimeWire™ and BearShare.
• the impact of Trojan viruses through examination of:
• Defense issues
• The Windows® Registry
• Hash analysis
• Anti-virus scanning and virus analysis using the EnCase® Virtual File System (VFS) Module and the EnCase® Physical Disk Emulator (PDE) Module
• how to examine system monitors and key loggers
• how to identify artifacts from instant message clients such as AOL® IM (AIM®) and Yahoo! ® Messenger
• the operation of the Microsoft® Internet Explorer web browser with regards to typed URLs, password and form-data storage, cookies, Internet history and cache content
• how web pages are constructed and will use this information, together with their new-found knowledge of cached Internet Explorer web content, to correctly rebuild web pages
• artifacts introduced with Microsoft® Internet Explorer 7
• the operation of web search engines
• web-based email
• Microsoft® Outlook PST structure and about viewing Lotus® Notes email data
• the history, operation and artifacts associated with Mozilla-based web browsers (including Firefox)

Network Intrusion Investigations training - London England

• The hacker mind and methodology
• Common tool knowledge and hash sets
• Incident response techniques and considerations
• Understanding and processing volatile data
• Networking 101
• Network-based attacks
• Network hardware devices
• Firewall
• TCP/IP overview
• Core protocols and layering
• Host enumeration and port and vulnerability scanning
• Windows® file sharing and vulnerabilities
• Hiding and manipulating data
• Web server attacks
• Remote access Trojans
• Internet Relay Chat (IRC) bots
• Windows rootkits
• Buffer overflows
• DCOM vulnerabilities
• The Metasploit framework
• SQL database attacks
• Binary analysis

Advanced Computer Forensics training
- Los Angeles California

• Analysis of NT File System (NTFS) artifacts in Windows operating systems
• Advanced NTFS data recovery
• Examination of the Microsoft Windows Registry
• Analysis and recovery of Microsoft Windows event log files
• Hardware and software RAID technology, acquisition and examination
• Principles of encrypted data recovery
• Understanding and examining Windows BitLocker™ volumes
• Linux and UNIX operating and file system artifacts
• Linux partition recovery
• Data acquisition using Linux
• Understanding and examination of Macintosh disk and file system structure
• Forensic examination of Macintosh computers
• Macintosh OS X® operating system artifacts
• Reinforcement of the EnCase® computer forensic methodology
• Introduction to EnScript programming

Computer Forensics II training - Chicago Illinois

• How to create and use of logical evidence files
• How to locate and recover deleted partitions and folders
• How to conduct keyword searches and advanced searches using GREP
• Students will gain an understanding of the EnCase Virtual File System (VFS) and Physical Disk Emulator (PDE)
• Students will learn about the Windows® Registry
• Students will learn how to deal with compound file types
• How to export files, directories and entire volumes
• How to identify files using hash values and building hash libraries
• How to identify Windows XP operating system artifacts such as link files, recycle bin, and user folders
• How to prepare reports and evidence for presentation in court
• How to recover artifacts such as swap files, file slack, and spooler files
• How to recover printed and faxed pages

Computer Forensics I training – Houston Texas

• What constitutes digital evidence and how computers work
• An overview of the EnCase Computer Forensic Methodology
• Basic structures of the FAT and NTFS file systems
• How to create a case and how to preview/acquire media
• How to conduct basic keyword searches
• How to analyze file signatures and view files
• How to restore evidence
• How to archive files and data created through the analysis process
• How to prepare evidence for presentation in court
• How to verify the evidence file

 

Robert A. Mulligan, Q.C.
Michael T. Mulligan
Andrew Tam
Paul E. Pearson

24 Hour Immediate
Confidential Help

2nd Floor -
736 Broughton Street.
Victoria, BC V8W 1E1
Local (250) 480 4040
Fax (250) 480 0004
Toll Free 1 800 664 2785