This course takes two enormously challenging areas facing IT security professionals today: incidence response and virtualisation and attempts to meld these together. Forensics is at the heart of incidence response, and therefore this training will focus on how to gather evidence relating to an incident – the what, when, where, who and why of an incident – within today’s common virtual environments. Additionally, the course will take a deep dive into the virtual infrastructure, and contrast the various virtual entities against their physical counterparts. This will allow a clear demonstration of the forensically-relevant differences between the virtual and physical environments. Finally this course will use hands-on labs to demonstrate how to examine relevant components of a virtual infrastructure. At the close of this course you wille be able to apply forensically sound best practice techniques within a virtual infrastructure.
Key Course information:
Duration: 5 days
Language: English
Class formats:
- Instructor-led
- Self-Study
- Live Virtual Training
Suggested Prior Knowledge:
- Knowledge in digital forensics. or
- Knowledge in computer forensics
Applicable Exams:
- Mile2 C)VFE
CPEs: 40
Modules:
-
- Module 1 – Digital Forensics – the what, where, when, how and why
- Module 2 – Virtual Infrastructure
- Module 3 – Forensic Investigation Process
- Module 4 – VI Forensics Scenario 1: Identifying direct evidence of a crime
- Module 5 – VI Forensics Scenario 2: Attributing Evidence to Specific Requests
- Module 6 – VI Forensics Scenario 3: Confirming (or negating) suspect alibis
- Module 7 – VI Forensics Scenario 4: Confirming (or negating) suspect statements
- Module 8 – VI Forensics Scenario 5: Determining (or negating) suspect intent
- Module 9 – VI Forensics Scenario 6: Identifying sources
- Module 10 – VI Forensics Scenario 7: Authenticating documents
- Module 11 – Putting it all together – Course Summary
Who should attend:
- Virtual infrastructure specialists
- Forensic investigators
Upon Completion:
Upon completion, Certified Virtualization Forensic Examiner students will have the knowledge to perform virtualization forensic examinations. Have the knowledge to accurately report on their findings from examinations. Be ready to sit for the C)VFE Exam
Re-Certification Requirements:
All Mile2 certifications will be awarded a 3-year expiration date.
There are two requirements to maintain Mile2 Certification:
1) Pass the most current version of the exam for your respective existing certification
2) Earn 20 CEUs (Continuing Education Units) per year. You may submit your CEUs in your Mile2 inbox. These CEUs must fall under “Qualify Continuing Educational Activities).
C)PSH Exam Information:
The Certified Virtualization Forensic Examiner exam is taken online through Mile2’s Assessment and Certification Systems (“MACS”), which is accessibly through your Mile2.com account. The exam will take two hours and consist of 100 multiple choice questions.
Course Facts:
Do you have to purchase a course to buy a certification exam?
- No. You do not have to purchase a course to buy a certification exam.
Do all Mile2 courses map to a role based career path?
- All of our courses can be taken independently. In order to help guide our students on their cybersecurity career journey we have developed the Mile2 Certification Roadmap. This helpful resource maps specific courses to Role-based career tracks.
