Windows® 10 Advanced Analysis
The Advanced Windows® 10 Forensic analysis class is an expert-level four-day
training course, designed for examiners who are familiar with the principles of
digital forensics and keen to expand their knowledge on advanced forensics using
a host of third-party tools to improve their computer investigations.
The Spyder Forensic Advanced Windows® 10 Forensic Analysis course will give
participants unbiased knowledge and skills necessary to analyze artifacts left
behind through system and user interaction with the host system, utilizing
industry standard tools and open source applications to explore the data in
greater depth by learning how applications function and store data in the file
Students will learn to use various applications and utilities to successfully
identify, process, understand and document numerous Windows® artifacts that
are vitally important to forensic investigations. The participant will also gain
knowledge on how to process Edge browser history, cookies, temp files InPrivate
browsing challenges and analysis, BitLocker encryption, Windows® Action Center
(Notifications SQLite Database) and other Windows® 10 specific artifacts. The
course includes gaining in depth knowledge of JumpLists, Registry analysis and
prefetch files, Timeline and how they relate to forensic investigations and
conclude with an in-depth look into OneDrive and synchronization processes
between trusted devices.
Students will use a variety of open source and leading forensic applications to
examine key artifacts through multiple hands on labs and student practical’s.