Course details

System Security Certified Practitioner (SSCP 2018): Digital Forensics

System Security Certified Practitioner (SSCP 2018): Digital Forensics

Expected Duration
Lesson Objectives
Course Number
Expertise Level


This course explores key aspects of digital forensics by looking at device usage while helping prepare learners for the Systems Security Certified Practitioner (SSCP) certification exam. In 13 videos, you will examine evidence gathering, chain of custody, data recovery, hard drive scrubbing, IP address tracking, and memory forensics. You will learn that a crucial aspect of digital forensics is the gathering of evidence in a lawful manner. Next, learners will examine how to determine when events occurred, when files were modified, when certain websites were accessed, and when messages were received. You will examine the chain of custody for preservation of evidence, and having a detailed account of gathering and handling evidence. This course demonstrates how to recover deleted data, and how to use a steganography tool to hide data in plain sight. You will examine memory forensics, a subset of digital forensics. This course then discusses the NIST (National Institute of Standards and Technologies) document publication 800-86. Finally, learn how to create a raw image of a hard disk drive.

Expected Duration (hours)

Lesson Objectives

System Security Certified Practitioner (SSCP 2018): Digital Forensics

  • Course Overview
  • list steps taken by digital forensic investigators
  • describe the order of volatility and preservation of scene
  • describe how evidence must be gathered and preserved for legal admissibility
  • recover deleted data
  • extract insights from stored web browser data
  • use software to permanently remove hard disk data
  • describe how VPNs and proxies are used to hide network identities
  • use tools to track the origin of an IP address
  • uncover hidden data using a steganography tool
  • describe insights that can be gathered from memory dumps
  • use the Linux dd command to create a disk image
  • use common tools to gather digital evidence
  • Course Number:

    Expertise Level