You are here: Home 專業證書Certification trainings and short courses Cert. Courses Content Certified CelleBrite UFED Mobile Device Examiner

EnCase V7 Training

Certified CelleBrite UFED Mobile Device Examiner

Cell Phone Forensics Part I

This Certified CelleBrite UFED course teaches students an in-depth understanding of Cell Phone forensic methodologies and the knowledge and skills needed to conduct a thorough cell phone investigation at the scene or in the lab. At the completion of this course each student will take the written and hands-on Certified CelleBrite UFED Mobile Device Examiner (CCUMDE) exam. Only the best cell phone examiners will become CCUMDE!

Key Topics:

  • Cell Phone Forensics – an Introduction

  • Defining Methodical Procedures for Evidence handling

  • Pro-active versus Re-Active Investigations

  • Understanding the source of Cell Phone evidence

  • Cell Phone network infrastructure – CDMA GSM – iDEN and Supporting Protocols

  • Interpreting Cell Phone and Network identifications

  • MEID / MSNFCC ID / ESN – IMEI – IMSI

  • Understanding SIM, USIM, RUIM and CSIM

  • Understanding PIN and PUK codes

  • Acquiring evidentiary data from Cell Phones

  • Physical memory

  • Flash Memory HEX Dumps – an introduction

  • Passwords / Security PINs

  • Deleted data

  • Data Carving

  • Last SIM card installed

  • Logical memory

  • Calendar

  • Audio – Music – Video

  • Inbound / Outbound data

  • Address Book

  • SMS and MMS

  • Instant Messenger – AIM, MSN, Yahoo, Google, etc

  • E-mail messages

  • Data Files - Attachments

  • GTags

  • SIM, USIM, Flash Memory and associated devices

  • Faraday Solutions, Evaluations and Examinations

  • Creating a SIM ID clone to create a faraday solution

  • Using the CelleBrite Universal Forensic Extraction Device (UFED)

  • Extracting Data – Analysis and creating a CelleBrite Report

  • UFED Physical Pro extraction tool – an introduction

  • Comparative use of either the CellDEK, SecureView, XRY or the Device Seizure Field Kit

  • Using ZRT and ZRTV an innovative solution that will support ALL phones – Developed by Fernico

  • Integrating CelleBrite evidence into DataExaminer, EnCase, FTK, P2 Commander and other tools

 

Cell Phone Forensics Part II

Part II of the cell phone forensic course focuses on using processes known as HEX Dumps or physical acquisitions on cell phones and mobile hand-held devices. Topics covered enable the user to perform a more thorough data analysis and examination using specialized techniques to interpret the variety of data formats associated with cell phone forensics.

 

When all else fails and your current tools don’t work, you need to understand how to reverse engineer cell phone data and be able to read this data when no one else or cell phone forensic tool can. This course will provide attendees with the knowledge and skills needed to perform and interpret HEX Dumps, extract and analyze data from iPhones, Blackberries, and other cellular phones and to conduct a more systematic advanced cell phone investigation.

 

In addition to the Cellebrite UFED Physical Pro Software, MSAB, and the H3 Mobile Device Toolkit will also be used to illustrate access to critical cell phone evidence and data. Understanding forensic tools can provide investigators access to data even if the handset has password protection; is damaged; or the SIM card is missing.

Key Topics:

  • Cell Phone Forensics I Review

  • Procedures for Evidence handling

  • Cell Phone network infrastructure CDMA – GSM – iDEN

  • PIN and PUK codes

  • Physical memory / Logical memory

  • SIM, CSIM, USIM, Flash Memory and associated memory devices

  • Flasher Boxes and Extraction Methods (using one or more of the following flasher tools)

  • Infinity

  • Vygis

  • NS Pro

  • Rocker Dongle

  • SE Tools3

  • JAF Box

  • N-BOX UFS 3 Twister/Tornado Flasher-Unlocker With HWK Update

  • Understanding Binary and Non-Binary Files

  • Understanding the Hexadecimal format

  • Hexadecimal Pattern Analysis

  • Using HEX tools to view the .PM, Absolute, and BIN files

  • Interpreting HEX Dump data by Reverse Engineering Cell Phone Data

  • PDU encoders and decoders

  • Gtag / EXIF Decoding and mapping

  • CelleBrite Physical Pro extraction tool

  • Other physical extraction tools

  • iPhone Forensics – an introduction

  • Blackberries – an introduction

  • Extracting Data – Analysis and creating a CelleBrite Report

  • Integrating CelleBrite evidence into EnCase, FTK, P2 Commander, i2 and other tools

Schedule:

Date: Upon Request

Time: Upon Request

Tuition:

HK$39500  per seat*

*Students will have to bring their own unit(s) of UFED with Physical Pro before attending the class.

*Recommendation: One unit of UFED with Physical Pro software may cater up to 2 students.

*For the quotation of Cellebrite UFED and Physical Pro Software, please contact us for further details.

Application & Enrolment

Please contact Mr Cheng at:

Hong Kong Telephone: (852) 2206-9011
Macau Telephone: (853) 6636-9010
Mainland China Telephone: (86)1326 6941 519 This e-mail address is being protected from spambots. You need JavaScript enabled to view it.
Email: This e-mail address is being protected from spambots. You need JavaScript enabled to view it.

 

Joomla 1.6 Templates designed by Joomla Hosting Reviews