Digital Evidence Acquisition Specialist Training

Description

The Digital Evidence Acquisition Specialist Training (DEASTP) is designed to equip investigators with the knowledge, skills, and abilities to properly identify, seize and acquire digital evidence. Through a combination of lecture, demonstration, hands on exercises, labs and a practical exercise. Investigators learn how to seize digital evidence from computers, computer hard drives and various digital media by acquiring forensically valid images of the digital media. Investigators also learn how to preview digital media prior to acquisition to determine if the media contains key text strings, unlawful graphics, etc. In addition to imaging static devices, students also learn Incident Response techniques, conducting RAM Capture and Live acquisitions of running computers.

The DEASTP program is an intense program that requires substantial computer aptitude. Successful completion of a graded practical exercise is required for graduation.

At the conclusion of the training program, the participants will be able to successfully seize and acquire digital evidence. These skills will be demonstrated through the completion of an eight-hour practical exercise. The practical exercise includes a simulated search warrant scenario. [Note: The search warrant scenario does not include tactics (e.g., dynamic building entry, handcuffing suspects, use of firearms, etc.). The practical exercise requires each student to work independently to acquire various types of digital evidence in a forensically sound manner.

Novice skill level students who need training in any of the prerequisites are referred to any of several sources including: Internet online training courses, adult training courses typically offered in local colleges and universities or other sources, commercial training providers that offer courses in fundamental computer usage.