The Digital Evidence Acquisition Specialist Training (DEASTP) is designed to equip investigators with the knowledge, skills, and abilities to properly identify, seize and acquire digital evidence. Through a combination of lecture, demonstration, hands on exercises, labs and a practical exercises. Investigators learn how to seize digital evidence from computers, computer hard drives and various digital media by acquiring forensically valid images of the digital media. Investigators also learn how to preview digital media prior to acquisition to determine if the media contains key text strings, unlawful graphics, etc. In addition to imaging static devices, students also learn Incident Response techniques, conducting RAM Capture and Live acquisitions of running computers.
The DEASTP program is an intense program that requires substantial computer aptitude. Successful completion of a graded practical exercise is required for graduation.
At the conclusion of the training program, the participants will be able to successfully seize and acquire digital evidence. These skills will be demonstrated through the completion of an eight-hour practical exercise. The practical exercise includes a simulated search warrant scenario. [Note: The search warrant scenario does not include tactics (e.g., dynamic building entry, handcuffing suspects, use of firearms, etc.). The practical exercise requires each student to work independently to acquire various types of digital evidence in a forensically sound manner.
Novice skill level students who need training in any of the prerequisites are referred to any of several sources including: Internet online training courses, adult training courses typically offered in local colleges and universities or other sources, commercial training providers that offer courses in fundamental computer usage.
For acceptance into this program, the applicant must meet the below standards:
Applicant must be a law enforcement officer/agent, Direct Law Enforcement Support Personnel (DLESP) or employees of a federal, state, local, tribal or international agency who perform functions directly related to a law enforcement or Department of Homeland Security (DHS) mission. This category of personnel may also include military personnel preparing for deployment. A functional knowledge of computers is recommended.
- This program is part of the FLETC's Cybercrime Track (FCT) or the Electronic Surveillance (ELSUR) Track. By entering FCT or ELSUR into the search window, other related Cyber Division programs can be found.
Required Training Materials
- Electronic Law and Evidence
- First Responders to Digital Evidence
- Data Acquisition
- Disk Acquisition: Final Practical Exercise
- Network Investigations
Program Contact Info