Computer Forensics that make your data collection and analysis easy!

First Responder Computer Forensic Training

Forensics First Responder Courses

Presented by Trial Solutions, this intensive hands-on course trains participants with the ‘First Responder’ skills necessary to address digital computer forensic and cyber crimes or incidents. Students will learn how to capture digital evidence from live, virtual, RAID systems and other media devices. Additionally, students will learn how to create forensic images, perform swift and effective analysis in 30-minutes or less, and work with world class tools from ADF Solutions, Logicube, AccessData, Tableau, Digital Intelligence and GetData.

The Ultimate Digital First Responder Courses is an intensive hands on 3 day training course in computer forensics that will teach you how to perform forensically sound computer imaging and analysis. We are located in Houston Texas.

Upcoming 2009 First Responder Courses:

The First Responders Computer Forensics BootCamp runs 3 days. The cost for the 3 day BootCamp is $2,295 per person.

Outline for the Advanced First Responder

1 Introduction to First Responder

2 Computer Forensic Overview

• What is computer crime
• Types of computer crime
• Continuing Education

3 SOPs and Checklists

• SOPs and Checklists and why are they important
• Difference between an SOP and a Checklist
• Creating an SOP or Checklist
• Following an SOP or Checklist
• Keeping an SOP or Checklist up to date
• SOP Staff Agreement

4 Investigative Tools and Equipment

• Write Blocker Overview
• Validating Write Blockers
• Different Types of Write Blockers and where to get them
• Hard Drive Converters
• Imaging Software
• FTK Imager Functionality

5 Bit Locker and Other Types of Encryption

• Encryption Overview
• Full Disk and File Encryption
• First Responder and Passwords
• BitLocker
• What to look for
• Interview Techniques

6 First Responder and the Registry

• Overview
• Extracting Registry Hives - Imager
• Viewing Registry Hives – RegRipper
• Locating USB devices

7 Acquisition of Live Memory

• Why do we need a memory dump?
• Introduction to Helix 3
• Getting the memory dump
• Generate the Hash and Report

8 On Target

• What is Digital Evidence
• Document the Scene
• Device Identification
• Where to Search
• Interview Techniques

9 Network Acquisitions

• Overview
• Before we get there
• Fast Warrants
• Scope
• Data Locations
• Plan the Attack
• Imager CCI

10 Certified Acquisition Specialist (CAS) Exam

Areas of Study.

• Scene Documentation
• Image a drive
• Capture Memory
• Identify and locate Wireless and USB devices
• Extracting and Reading Registry Files
• Proper Paperwork Acquisition Forms, COD etc.
• Preparing Forensic Images for Transport

At the completion of Day-3 students will have an understanding on how to use forensic tools that capture digital evidence. Students will know how to use hardware as well as software tools.

Students will demonstrate their knowledge by taking a Hands-on Practical Skills exam.

  • See Calendar for Next First Responder Course:

Full calendar of upcoming computer forensic training events

Reservations for the Forensics First Responders Courses are on a first come first serve basis. Onsite training courses are also available. For information, please contact us at or 713-462-6464.


Computer Forensics