• Home
• Our Firm
• Areas of Practice
  • Impaired Driving
  • Drug Offences
  • Sexual Offences
  • Homicide
  • Theft and Fraud
  • Spousal Assault
  • Other Assaults
• Computer Forensics
  • Computer Forensics Overview
  • Legal Issues in Computer Forensics
  • Our Forensics Training
  • Our Services
• In Court
  • First Appearance
  • Pleading
  • Court Process
• Contact Us

Our Forensics Training

Neutrino - Mobile Phone Forensics - Los Angeles California

• overview of mobile phone networks
• how to identify mobile phones
• how to work with various service providers
• proper seizure techniques
• a detailed understanding of all componets that make up EnCase Neutrino
• acquire data from mobile phones
• acquire and examine SIM cards
• examine the data that they have acquired
• learn how to create logical evidence files with EnCase Neutrino
• an overview of mobile phone data storage
• how to use conditiona in EnCase Neutrino
• how to report their findings

Advanced Internet Examinations – Washington DC

• the history, operation and artifacts associated with peer-to-peer file-sharing applications such as BitTorrent™, LimeWire™ and BearShare.
• the impact of Trojan viruses through examination of:
• Defense issues
• The Windows® Registry
• Hash analysis
• Anti-virus scanning and virus analysis using the EnCase® Virtual File System (VFS) Module and the EnCase® Physical Disk Emulator (PDE) Module
• how to examine system monitors and key loggers
• how to identify artifacts from instant message clients such as AOL® IM (AIM®) and Yahoo! ® Messenger
• the operation of the Microsoft® Internet Explorer web browser with regards to typed URLs, password and form-data storage, cookies, Internet history and cache content
• how web pages are constructed and will use this information, together with their new-found knowledge of cached Internet Explorer web content, to correctly rebuild web pages
• artifacts introduced with Microsoft® Internet Explorer 7
• the operation of web search engines
• web-based email
• Microsoft® Outlook PST structure and about viewing Lotus® Notes email data
• the history, operation and artifacts associated with Mozilla-based web browsers (including Firefox)

Network Intrusion Investigations training - London England

• The hacker mind and methodology
• Common tool knowledge and hash sets
• Incident response techniques and considerations
• Understanding and processing volatile data
• Networking 101
• Network-based attacks
• Network hardware devices
• Firewall
• TCP/IP overview
• Core protocols and layering
• Host enumeration and port and vulnerability scanning
• Windows® file sharing and vulnerabilities
• Hiding and manipulating data
• Web server attacks
• Remote access Trojans
• Internet Relay Chat (IRC) bots
• Windows rootkits
• Buffer overflows
• DCOM vulnerabilities
• The Metasploit framework
• SQL database attacks
• Binary analysis

Advanced Computer Forensics training
- Los Angeles California

• Analysis of NT File System (NTFS) artifacts in Windows operating systems
• Advanced NTFS data recovery
• Examination of the Microsoft Windows Registry
• Analysis and recovery of Microsoft Windows event log files
• Hardware and software RAID technology, acquisition and examination
• Principles of encrypted data recovery
• Understanding and examining Windows BitLocker™ volumes
• Linux and UNIX operating and file system artifacts
• Linux partition recovery
• Data acquisition using Linux
• Understanding and examination of Macintosh disk and file system structure
• Forensic examination of Macintosh computers
• Macintosh OS X® operating system artifacts
• Reinforcement of the EnCase® computer forensic methodology
• Introduction to EnScript programming

Computer Forensics II training - Chicago Illinois

• How to create and use of logical evidence files
• How to locate and recover deleted partitions and folders
• How to conduct keyword searches and advanced searches using GREP
• Students will gain an understanding of the EnCase Virtual File System (VFS) and Physical Disk Emulator (PDE)
• Students will learn about the Windows® Registry
• Students will learn how to deal with compound file types
• How to export files, directories and entire volumes
• How to identify files using hash values and building hash libraries
• How to identify Windows XP operating system artifacts such as link files, recycle bin, and user folders
• How to prepare reports and evidence for presentation in court
• How to recover artifacts such as swap files, file slack, and spooler files
• How to recover printed and faxed pages

Computer Forensics I training – Houston Texas

• What constitutes digital evidence and how computers work
• An overview of the EnCase Computer Forensic Methodology
• Basic structures of the FAT and NTFS file systems
• How to create a case and how to preview/acquire media
• How to conduct basic keyword searches
• How to analyze file signatures and view files
• How to restore evidence
• How to archive files and data created through the analysis process
• How to prepare evidence for presentation in court
• How to verify the evidence file

 

Robert A. Mulligan, Q.C.
Michael T. Mulligan
Andrew Tam
Paul E. Pearson

24 Hour Immediate
Confidential Help

2nd Floor
736 Broughton Street
Victoria, BC V8W 1E1
Local (250) 480 4040
Fax (250) 480 0004
Toll Free 1 800 664 2785