ICAC-MTI Class List

ICAC-Cybercop 215 - Macintosh® Triage and Imaging

This course is funded through OJJDP. To register for this class, you must be affiliated with an ICAC Task Force. Furthermore, you must agree to comply with the Best Practices and Standards established by ICAC. If you have any questions about the ICAC Best Practices and Standards, please contact your ICAC commander.

This 2 day course begins by introducing the students to various models of Apple® hardware that are most likely to be encountered during an investigation. Students will then be introduced to the Mac OS X® operating system and gain the basic skills necessary to navigate and utilize both the graphical and command line interfaces.

Focus will then shift to the identification and collection of volatile data, such as File Vault encrypted data, running applications and processes, open ports, and a current hardware/software inventory, from a running Macintosh® computer that may otherwise be lost or unavailable once power is removed.

Finally, attendees will be familiarized with the available methods for forensically imaging a Macintosh® computer while also becoming aware of the unique challenges this task may present on certain Macintosh® models.

This course is designed for students who already have a solid understanding of computer forensic principles, have prior experience preserving and collecting items of evidentiary value from an electronic crime scene, and have prior experience acquiring forensically-sound images of various types of digital media. Students will use Mac OS X and other third party tools, both free and commercial, currently in use by practitioners in the field.

PREREQUISITES: This course requires the student to have successfully completed Cybercop 101 – BDRA or the equivalent and/or have the experience drawn from the application of the techniques utilized in the Cybercop 101 - BDRA class.

There are currently no scheduled classes for this course. If you are interested in knowing when the next class might be offered or would like more information in general please see the training contact information on this page.

Back to List

Forensics Tool Testing

National Institute of Standards and Technology

In an effort to enhance its support for law enforcement at the state and local level, NW3C participates in the National Institute of Standards and Technology’s Computer Forensics Tool Testing (CFTT) steering committee.

More . . .

Hosting NW3C Classes

If you are interested in hosting NW3C’s training in your area please review the appropriate information below. Note that your agency will be allowed to reserve seats for the class(es) and must meet the criteria described in the document associated with the type of hosting you request.

Training Contacts

Instructor Led
Phone:   (877) 628-7674
Email: training@nw3c.org

Email:     onlinelearning@nw3c.org

NW3C Social Media Channels

© 2012. NW3C, Inc. d/b/a the National White Collar Crime Center. All Rights Reserved.
Disclaimer | Privacy Policy | Sitemap