Course Topics
Malware and Spyware on Smartphones
Mobile devices in incident-response cases
Determining if malware or spyware exists
Handling the isolation of the malware
Decompiling malware to conduct in-depth analysis
Determining what has been compromised
Forensic Analysis of Smartphones and Their Components
Android
iOS
SD cards
Cloud-based backups and storage
Cloud-synced data - Google and more
Devices that have intentionally been modified - deleting, wiping, and hiding applications
Deep-Dive Forensic Examination of Smartphone File Systems and Data Structures
Recovering deleted information from smartphones
Examining SQLite databases in-depth
Finding traces of user activities on smartphones
Recovering data from third-party applications
Tracing user online activities on smartphones (e.g., messaging and social networking)
Examining application files of interest
Manually decoding to recover missing data and verify results
Developing SQL queries to parse databases of interest
Understanding the user-based and smartphone-based artifacts
Leveraging system and application usage logs to place the device in a location and state when applications were used
In-Depth Usage and Capabilities of the Best Smartphone Forensic Tools
Using your tools in ways you didn't know were possible
Leveraging custom scripts to parse deleted data
Leveraging scripts to conduct forensic analysis
Carving data
Developing custom SQL queries
Conducting physical and logical keyword searches
Manually generating timelines and conducting link analysis using information from smartphones
Tool validation based on trusted datasets
Using geolocation information from smartphones and smartphone components to place a suspect at a location when an artifact was created
Handling Locked and Encrypted Devices
Extracting evidence from locked smartphones
Bypassing encryption (kernel and application level)
Cracking passcodes
Decrypting backups of smartphones
Decrypting third-party application files
Examining encrypted data from SD cards
Incident Response Considerations for Smartphones
How your actions can alter the device
How to handle Hot and Cold devices
How to prevent remote access on the device
How to tie a user or activity to a device at a specific time
How mobile device management can hurt as much as help you