Blackberry Analysis
Blackberry Analysis Intermediate • Learning Management System (LMS)
®
This AccessData BlackBerry Forensics training class covers the particulars of the hardware, which includes the stored data available for analysis and the BlackBerry backup file. This course also discusses the best options to capture the data from BlackBerry devices. Like all other Mobile Forensic Inc. courses, you as the examiner will be armed with the ability to perform forensic analysis both using automated tools and manual methods (result verification). This course uses a multiple-tool approach to mobile phone forensics. It uses both free and commercial applications and teaches the skills needed to find and process data with the aid of specialized software tools. There is no single tool that will entirely process every cellular device. Mobile Forensics, Inc., trains you to know where information is located on cell phones and how to extract that information—-both with and without tools—so you can obtain the maximum amount of data from mobile devices. Prerequisites This course is intended for forensics professionals and law enforcement personnel who must conduct mobile device examinations utilizing multiple tools and a tested forensic process. To obtain the maximum benefit from this class, you should meet the following requirements: Read and understand the English language. Be familiar with BlackBerry devices. Attend the AccessData MFI 101 Course or equivalent.
Have previous investigative experience in mobile forensic case work. Class Materials and Software You will receive the student training manual and CD containing the training material, lab exercises and classrelated information.
(Continued on other side)
For a complete listing of scheduled courses, visit http://www.accessdata.com/training/calendar-and-syllabi Some topics and items in this class syllabus are subject to change. This document is for information purposes only. AccessData makes no warranties, express or implied, in this document. AccessData, AccessData Certified Examiner, ACE, Distributed Network Attack, DNA, Forensic Toolkit, FTK, LAB, Password Recovery Toolkit, PRTK, Registry Viewer, and Ultimate Toolkit are registered trademarks of the AccessData Group, LLC. in the United States and/or other countries. Other trademarks referenced are property of their respective owners.
Blackberry Analysis Intermediate • Learning Management System (LMS)
(Continued) Module 1: Introduction Topics Student Introductions Software Used in This Course BlackBerry Desktop Software ABCAmber BlackBerry Converter / BlackBerry Backup Explorer BlackBerry Simulator MPE+ FTK Rubus Course Overview Module 2: BlackBerry History Objectives Describe the progression of the keyboard styles, model numbers and style names. Locate model information including user manuals. Identify network formats. Module 3: BlackBerry Hardware Objectives Describe the information contained on the device label. Explain information found on the external memory card. Explain why network isolation is important and the result of installing the handset battery. Module 4: Data Contents Objectives Understand and prevent content wipe. Describe the complications of a locked handset. Identify which carrier is associated with the handset. Understand the many databases contained on the BlackBerry. Understand the BBM process, including backup and logging.
Module 5: Desktop Software Objectives Set up and configure a simulator. Locate the current version of the software based on country of origin and operating system. Properly install the software so as to avoid data contamination. Create a backup file and document the process. Module 6: Backup Files Objectives Identify the unique phrasing of the file header for a keyword search on a computer. Identify the content differences between a Windows and a Mac backup file. Resolve the issue of an encrypted backup file. Module 7: Tools Objectives Analyze files using ABC Amber BlackBerry Converter and BlackBerry Backup Explorer. Extract databases using Mobile Phone Examiner Plus (MPE+). Analyze data using FTK. Discuss other handset analysis tools such as .XRY, CelleBrite and SecureView. Module 8: Tools Objectives Analyze files using ABC Amber BlackBerry Converter and BlackBerry Backup Explorer. Extract databases using Mobile Phone Examiner Plus (MPE+). Analyze data using FTK. Discuss other handset analysis tools such as .XRY, CelleBrite and SecureView. Labs Export BlackBerry backup files. Use MPE+ to process a BlackBerry. Process files into FTK. Module 9: Practical This final practical tests participants’ comprehension of the entire course.
For a complete listing of scheduled courses, visit http://www.accessdata.com/training/calendar-and-syllabi Some topics and items in this class syllabus are subject to change. This document is for information purposes only. AccessData makes no warranties, express or implied, in this document. AccessData, AccessData Certified Examiner, ACE, Distributed Network Attack, DNA, Forensic Toolkit, FTK, LAB, Password Recovery Toolkit, PRTK, Registry Viewer, and Ultimate Toolkit are registered trademarks of the AccessData Group, LLC. in the United States and/or other countries. Other trademarks referenced are property of their respective owners.
®
This AccessData BlackBerry Forensics training class covers the particulars of the hardware, which includes the stored data available for analysis and the BlackBerry backup file. This course also discusses the best options to capture the data from BlackBerry devices. Like all other Mobile Forensic Inc. courses, you as the examiner will be armed with the ability to perform forensic analysis both using automated tools and manual methods (result verification). This course uses a multiple-tool approach to mobile phone forensics. It uses both free and commercial applications and teaches the skills needed to find and process data with the aid of specialized software tools. There is no single tool that will entirely process every cellular device. Mobile Forensics, Inc., trains you to know where information is located on cell phones and how to extract that information—-both with and without tools—so you can obtain the maximum amount of data from mobile devices. Prerequisites This course is intended for forensics professionals and law enforcement personnel who must conduct mobile device examinations utilizing multiple tools and a tested forensic process. To obtain the maximum benefit from this class, you should meet the following requirements: Read and understand the English language. Be familiar with BlackBerry devices. Attend the AccessData MFI 101 Course or equivalent.
Have previous investigative experience in mobile forensic case work. Class Materials and Software You will receive the student training manual and CD containing the training material, lab exercises and classrelated information.
(Continued on other side)
For a complete listing of scheduled courses, visit http://www.accessdata.com/training/calendar-and-syllabi Some topics and items in this class syllabus are subject to change. This document is for information purposes only. AccessData makes no warranties, express or implied, in this document. AccessData, AccessData Certified Examiner, ACE, Distributed Network Attack, DNA, Forensic Toolkit, FTK, LAB, Password Recovery Toolkit, PRTK, Registry Viewer, and Ultimate Toolkit are registered trademarks of the AccessData Group, LLC. in the United States and/or other countries. Other trademarks referenced are property of their respective owners.
Blackberry Analysis Intermediate • Learning Management System (LMS)
(Continued) Module 1: Introduction Topics Student Introductions Software Used in This Course BlackBerry Desktop Software ABCAmber BlackBerry Converter / BlackBerry Backup Explorer BlackBerry Simulator MPE+ FTK Rubus Course Overview Module 2: BlackBerry History Objectives Describe the progression of the keyboard styles, model numbers and style names. Locate model information including user manuals. Identify network formats. Module 3: BlackBerry Hardware Objectives Describe the information contained on the device label. Explain information found on the external memory card. Explain why network isolation is important and the result of installing the handset battery. Module 4: Data Contents Objectives Understand and prevent content wipe. Describe the complications of a locked handset. Identify which carrier is associated with the handset. Understand the many databases contained on the BlackBerry. Understand the BBM process, including backup and logging.
Module 5: Desktop Software Objectives Set up and configure a simulator. Locate the current version of the software based on country of origin and operating system. Properly install the software so as to avoid data contamination. Create a backup file and document the process. Module 6: Backup Files Objectives Identify the unique phrasing of the file header for a keyword search on a computer. Identify the content differences between a Windows and a Mac backup file. Resolve the issue of an encrypted backup file. Module 7: Tools Objectives Analyze files using ABC Amber BlackBerry Converter and BlackBerry Backup Explorer. Extract databases using Mobile Phone Examiner Plus (MPE+). Analyze data using FTK. Discuss other handset analysis tools such as .XRY, CelleBrite and SecureView. Module 8: Tools Objectives Analyze files using ABC Amber BlackBerry Converter and BlackBerry Backup Explorer. Extract databases using Mobile Phone Examiner Plus (MPE+). Analyze data using FTK. Discuss other handset analysis tools such as .XRY, CelleBrite and SecureView. Labs Export BlackBerry backup files. Use MPE+ to process a BlackBerry. Process files into FTK. Module 9: Practical This final practical tests participants’ comprehension of the entire course.
For a complete listing of scheduled courses, visit http://www.accessdata.com/training/calendar-and-syllabi Some topics and items in this class syllabus are subject to change. This document is for information purposes only. AccessData makes no warranties, express or implied, in this document. AccessData, AccessData Certified Examiner, ACE, Distributed Network Attack, DNA, Forensic Toolkit, FTK, LAB, Password Recovery Toolkit, PRTK, Registry Viewer, and Ultimate Toolkit are registered trademarks of the AccessData Group, LLC. in the United States and/or other countries. Other trademarks referenced are property of their respective owners.
