中國培訓(xùn)易(www.aokangtiyu.cn) 人力資源公開課 

 

 

 


  

  

主辦單位:廣州必學(xué)企業(yè)管理咨詢有限公司
      中國培訓(xùn)易(www.aokangtiyu.cn)

舉辦時(shí)間:
上海 2014年7月17-18日
課程費(fèi)用:6000元/人(含資料費(fèi)、授課費(fèi)、發(fā)票)
會(huì) 員 價(jià):會(huì)員優(yōu)惠價(jià)請(qǐng)咨詢客服, QQ:674837974 手機(jī)/微信:18588851172 符小姐

培訓(xùn)目標(biāo)
在信息化的時(shí)代,人們的生產(chǎn)生活都已經(jīng)很難完全與計(jì)算機(jī)和網(wǎng)絡(luò)脫離關(guān)系了(除非想要還原本拉登的生活方式)。因此在一些違規(guī)違法活動(dòng)的調(diào)查中,大多會(huì)涉及電子取證,有些甚至扮演了關(guān)鍵性角色,更不用說在損害公司利益的電子犯罪中了。但作為一種新興的證據(jù)類型,電子取證目前還是企業(yè)在公司治理和內(nèi)部控制的操作難點(diǎn)。本次培訓(xùn)課程旨在全面而系統(tǒng)地介紹電子取證的概念,范圍,運(yùn)用方法,成本估算及一些前沿動(dòng)態(tài),旨在幫助企業(yè)內(nèi)部調(diào)查者提升對(duì)電子物證的有效運(yùn)用能力,從而更有效地應(yīng)對(duì)企業(yè)可能面臨的欺詐風(fēng)險(xiǎn)。



課程詳情
本次培訓(xùn)中的內(nèi)部調(diào)查可應(yīng)用于:
The internal investigation in this training can be applied to:
§ 維護(hù)企業(yè)的商業(yè)利益和合法權(quán)益
Maintaining enterprise’s business interests and the legitimate rights and interests
§ 維護(hù)企業(yè)自身知識(shí)產(chǎn)權(quán)、保護(hù)商業(yè)秘密
Safeguarding the own intellectual property rights, protecting the commercial secrets
§ 信息外泄、黑客攻擊事件的災(zāi)難評(píng)估
The disaster assessment of information leakage and hacking
§ 訴訟支持
Litigation support
§ 為企業(yè)重大決策提供參考

Providing the reference for the enterprise decision-making.


第一天(7月17-18日) Day One(July. 17-18)
引言:7.18 拍牌網(wǎng)站被黑案件中電子物證發(fā)揮的關(guān)鍵作用
Introduction: the key role of electronic forensics in the case of the license website’s hacking on July 18th
一、 電子取證概述
The introduction of electronic forensics
1. 電子取證在歐美等國家的法律地位
The electronic forensics’ legal status in Europe and the United States.
2. 我國電子取證的法律地位演變,及各階段典型案例
The development of the legal status of our country’s electronic forensics and the typical case at each stage.
1) 電子物證的有效性的爭議
The effective disputes of electronic forensics
案例分享:華南虎案件
Case sharing: Southern China tiger case
2) 電子物證引起重視
Electronic forensics caused importance.
案例分享:熊貓燒香
Case sharing: Panda burns joss sticks
3) 通過電子物證破獲的案件
The case was carried out by electronic forensics
二、 基本的電子取證技術(shù)實(shí)踐操作(一)
The basic practical practice of electronic forensics technology (One)
1. 數(shù)據(jù)恢復(fù)理論
Data recovery theory
2. 互動(dòng):數(shù)據(jù)恢復(fù)基本技能實(shí)踐(敬請(qǐng)自帶U盤一個(gè))
Interactive: the basic skills’ practice of data recovery ( please bring U plate)
3. 數(shù)據(jù)恢復(fù)在調(diào)查過程中的作用
Data recovery’s role in the process of investigation
4. 硬件和Raid中數(shù)據(jù)的恢復(fù)
The data recovery in hardware and raid
5. 電子現(xiàn)場保護(hù)的基本原則(結(jié)合數(shù)據(jù)恢復(fù)理論講解)
The basic principle of electronic site protection (combined data recovery theory to explain)
三、 電子物證在企業(yè)調(diào)查的表現(xiàn)形式
The electronic forensics’ performance form in enterprise investigation
1. 電子物證的種類及應(yīng)用案例
The types and application case of electronic forensics
1) 電子計(jì)算機(jī)
Electronic computer
2) 移動(dòng)存儲(chǔ)設(shè)備
The mobile storage device
3) 智能手機(jī)(通過分析智能手機(jī)話單破案的案例)
Intelligent mobile phone (the crime case cleared up by analyzing the intelligent mobile phone’s bill)
4) 各類文檔(通過對(duì)office文檔進(jìn)行分析而提供關(guān)鍵性證據(jù)的案例)
All kinds of documents (provide the crucial evidence case through analyzing office documents)
2. 現(xiàn)場中,電子物證的識(shí)別與運(yùn)用
On site, the identification and application of electronic forensics.
3. 靈活選用被分析的電子物證,導(dǎo)致案件破獲的兩個(gè)案例
Flexibly chose the analyzed electronic forensics, two cases led to crack
四、 企業(yè)調(diào)查中電子現(xiàn)場的電子物證的固定
The electronic forensics fix on spot in enterprise investigation
1. 電子物證固定的基本理論
The basic theory of electronic forensics fix
1) 基本固定方法:Hash
The basic fix method: Hash
2) 本地?cái)?shù)據(jù)固定方式
The fix method of local data
3) 遠(yuǎn)程數(shù)據(jù)固定方式
The fix method of remote data
4) 特殊情況下的變通方案
The workaround under special circumstances
2. 電子取證:外包?還是自己做?各個(gè)方案的優(yōu)缺點(diǎn)
Electronic forensics: outsourcing? Or do it by yourself? The advantages and disadvantages of each program.
3. 互動(dòng):電子物證固定的實(shí)踐練習(xí)(Hash,及模擬現(xiàn)場練習(xí),通過練習(xí)使學(xué)員對(duì)如何保護(hù)現(xiàn)場及易犯的錯(cuò)誤有感性認(rèn)識(shí))
Interaction: the practical practice of electronic forensics fix (Hash and simulated filed practice, through practice, make the participants have perceptual knowledge on how to protect the field and easy mistake.
4. 電子取證的基本規(guī)則(不同于電子現(xiàn)場保護(hù)的基本原則,這里強(qiáng)調(diào)的是可重復(fù)性等原則)
The basic principle of electronic forensics ( different from the basic principle of electronic filed protection, here emphasize the repeatability principle)
5. 不同類型案件中現(xiàn)場保護(hù)的方法
The field protection method in different types of cases
1) 關(guān)機(jī)狀態(tài)下的靜態(tài)數(shù)據(jù)固定方法
The fix method of static data under the shutdown state
2) 開機(jī)狀態(tài)下的動(dòng)態(tài)數(shù)據(jù)固定方法
The fix method of dynamic data under the on state
6. 電子物證固定的各種方法及優(yōu)缺點(diǎn)和適用情況
All kinds of method, the advantages & disadvantages and the application situation of electronic forensics fix.
五、 基本的電子取證技術(shù)在企業(yè)案件中的實(shí)踐操作(二)
The basic electronic forensics technology’s practical practice in enterprise case (Two)
1. 操作系統(tǒng)分析
The analysis of operation system
2. 密碼破解
Password cracking
互動(dòng):不同情況下,都能得到怎樣的最佳結(jié)果。
Interaction: under different situation, can get the best results.
3. 移動(dòng)設(shè)備的分析
The analysis of mobile equipment

第二天(7月18日) Day Two(July.18)
六、 電子取證在企業(yè)案件中的運(yùn)用
The electronic forensics’ application in enterprise case
1. 數(shù)據(jù)恢復(fù)技術(shù)在案件中的應(yīng)用,特別是一些特殊的數(shù)據(jù)恢復(fù)技術(shù)的應(yīng)用案例一個(gè)
The data recovery technology ’s application in the case, especially some special data recovery technology’s application
2. 分析操作系統(tǒng)所得的信息在案件中的使用
Analyze the information’s application in the case, which got from the operation system
1) 各類郵件分析
All kinds of mail analysis
2) 對(duì)注冊(cè)表的分析
The registry’s analysis
3) 對(duì)數(shù)據(jù)庫的分析(特別是各類公司內(nèi)部的物流和信息關(guān)系系統(tǒng))
The data’s analysis (especially the internal logistic and information system of all kinds of company
4) 其他
Others
3. 計(jì)算機(jī)程序分析技術(shù)在案件中的應(yīng)用
The computer program analysis technology’s application in the case
1) 分析惡意軟件
Analyze the malicious software
2) 知識(shí)產(chǎn)權(quán)的保護(hù)
The protection of the intellectual property rights
3) 異樣程序的鑒別
The identification of unusual program
4. 移動(dòng)設(shè)備的取證
The forensics of mobile equipment
1) 通訊錄、短信、通話記錄的提取和恢復(fù)
The extraction and recovery of address list, SMS and call records
2) 移動(dòng)設(shè)備中其他數(shù)據(jù)的獲取和分析
Other data’s extraction and recovery in mobile equipment
3) 移動(dòng)設(shè)備中各類應(yīng)用程序產(chǎn)生的數(shù)據(jù)的分析
The data analysis produced from all kinds of application in mobile equipment
5. 科學(xué)的災(zāi)難評(píng)估方法
The scientific disaster evaluation method
6. 互動(dòng):一個(gè)綜合案例
Interaction: a comprehensive case
七、 溝通、局限及解決方案
Communication, limit and solutions
1. 案件偵辦人員與專業(yè)技術(shù)人員的溝通方式和方法
The case personnel’s communication way and means with professional technical person
1) 初檢(/現(xiàn)場)中的溝通、交互以及技術(shù)方案的選擇
The communication, interaction and the choice of technology in initial inspection (on site)
2) 送檢時(shí)的溝通
The communication while submission
3) 各類特殊場合中的溝通
The communication in various special occasions
4) 詢問(面談)時(shí),專技人員的參與方式及禁忌
While inquiry (interview), the participation way and taboo of technical persons.
5) 專技人員參與現(xiàn)場勘查情況下的溝通技巧
The technical persons’ communication skills under the field exploration
2. 電子取證理論的極限,以及如何讓理論極限為我所用,幫助我更好地取證
The limit of the electronic forensics, and how to make use of the theoretical limit to help me better get the evidence.
1) 電子取證技術(shù)的理論極限
The theory limit of electronic forensics
2) 各種電子取證技術(shù)的成本預(yù)判
The cost prediction of all kinds of electronic forensics
3) 即使是同類技術(shù)的成本判別
The cost prediction of even the similar technology
4) 如何把一個(gè)天馬行空的構(gòu)想轉(zhuǎn)化為可以實(shí)際操作的技術(shù)方案
How to turn a powerful and unconstrained idea into a practical operational technical program
3. 調(diào)查方案的確定要素
The confirmed elements of survey program
一般人在沒有接觸過電子取證之前,都存在輕視相關(guān)技術(shù)工作的傾向,提不出要求;在了解電子取證之后,甚至使用相關(guān)技術(shù)破案之后,又容易在以后的辦案過程中出現(xiàn)自我放大電子取證作用,提出各種不切實(shí)際的要求的傾向。如何防止這兩種極端的傾向。給辦案人員正確的電子取證的觀念,使其能夠恰如其分地使用電子取證技術(shù),正確地預(yù)估辦案成本是這一節(jié)所要解決的問題。
Before people un-contact the electronic forensics, they look down on the related technical work, not to mention the re-quirements; after understanding the electronic forensics, even after the crack of the use of related technology, easy to appear self-amplified use of electronic forensics in the process of future case, have various kinds of unrealistic re-quirements. How to prevent the two extreme tendencies? Proving the correct concept of electronic forensics for the case personnel, and let them can make use of the electronic forensics, correctly estimate case cost is the problem which we need to solve.
八、 電子取證的一般流程概述
The general process introduction of electronic forensics
九、 網(wǎng)絡(luò)取證概述及案例
The concept of network forensics and case
1. 企業(yè)網(wǎng)絡(luò)中可能在證據(jù)源概述
The possible evidence introduction in enterprise network
2. 網(wǎng)絡(luò)取證的難點(diǎn)及相關(guān)法律問題
The difficulties of network forensics and related law issues
3. 網(wǎng)絡(luò)的獲取和分析概述
The extraction and analysis introduction of network
1) 獲。ㄗグ⑷罩咎崛〉龋
The extraction (capture, log extraction)
2) 獲取的證據(jù)的匯聚、關(guān)聯(lián)和分析方法
The collection, relation and analysis method of extracted evidence
4. 網(wǎng)絡(luò)取證的典型案例
The typical case of network forensics
十、 關(guān)于電子物證相關(guān)法律更新細(xì)則的分析與討論
The update regulations’ analysis and discussion on related law of electronic forensics
十一、 現(xiàn)場答疑及互動(dòng)環(huán)節(jié)
Q&A and Networking Session



講師簡介
  崔先生 老師
   崔先生擁有超過十年的電子取證工作經(jīng)驗(yàn)。崔先生于2000年畢業(yè)于華東政法大學(xué)偵查專業(yè),隨后又畢業(yè)于復(fù)旦大學(xué)計(jì)算機(jī)科學(xué)與技術(shù)專業(yè)。在此后的十年中,他任職于上海市公安局網(wǎng)絡(luò)安全部門,主要負(fù)責(zé)電子取證工作,在此期間破獲了2009年上海車牌拍賣網(wǎng)站被黑案在內(nèi)的大量案件。之后,崔先生轉(zhuǎn)入高等學(xué)府專門從事電子取證的教學(xué)工作。翻譯出版了《Windows取證分析》、《網(wǎng)絡(luò)取證:在網(wǎng)絡(luò)空間里追蹤黑客》(即將出版)、《軟件加密與解密》、《IDA代碼破解解密》等專業(yè)書籍,也是《python灰帽子》一書的技術(shù)審校。
   崔先生是中國計(jì)算機(jī)法證協(xié)會(huì)會(huì)員,也是包括安全焦點(diǎn)峰會(huì)在內(nèi)的多個(gè)安全峰會(huì)的演講嘉賓。同時(shí)也是中科院-上海交大-美國verysign-idefense公司合辦的“網(wǎng)絡(luò)爵士”培訓(xùn)項(xiàng)目的“高級(jí)逆向工程師”課程的培訓(xùn)教師。
Hannibal Cui
Mr. Cui has more than 10 years’ working experience in electronic forensics. He graduated rom investigation in East China University of Political Science and law, and then graduated from Fudan University, majoring in computer science and technical. In the next 10 years, he served in the network security department in Shanghai Public Security Bureau, mainly responsible for electronic forensics, during this period, he cracked a large number of cases, in-cludes that Shanghai license auction website was hacked in 2009. Later, he transfer to the institution of higher education to specialize in electronic forensics teaching work. Translated and publicized “the Window Forensics Analysis”,”Network Forensics: tracking on the hacker in the space of network”(forthcoming), “the encryption and decryption code of software”,”IDA Pro” and other professional books, also is the technical reviser of Python
Mr. Cui is the member of China Computer Association, also is the presentation guest of many safety summit in-cludes security summit. Meanwhile, he is the trainer for senior reverse engineering in Network Jazz project, which jointly organized by the Chinese Academy of Sciences, Shanghai Jiaotong University and verysign-idefense company


課程對(duì)象
首席合規(guī)官/合規(guī)總監(jiān)/合規(guī)經(jīng)理
The Chief Compliance Officer / Compliance director/Compliance Manager
內(nèi)審/內(nèi)控總監(jiān)/經(jīng)理
Audit / Internal Director / Manager
法律顧問/法務(wù)部經(jīng)理/主管
Legal adviser / Legal Department Manager / Supervisor
風(fēng)險(xiǎn)管理總監(jiān)/經(jīng)理
Risk Management Director / Manager
調(diào)查總監(jiān)/經(jīng)理
Survey Director / Manager
企業(yè)調(diào)查相關(guān)人士,包括人力資源總監(jiān)/經(jīng)理等
Enterprise Relevant Survey Personnel, including HR Director/ Managers


   注

課程名稱:企業(yè)反舞弊調(diào)查中的電子取證技巧指導(dǎo)及案例分享

 

咨詢電話020-29042042      QQ 59870764
網(wǎng)上查詢中國培訓(xùn)易 http://www.aokangtiyu.cn


報(bào)      執(zhí)  

為確保您的報(bào)名名額和及時(shí)參加,請(qǐng)?zhí)崆皩⒋耍▓?bào)名表)E-mail至674837974@QQ.com;721560397@QQ.COM(符小姐、黃小姐)我們將有專人與您聯(lián)系確認(rèn),并于開課前發(fā)出《培訓(xùn)報(bào)名確認(rèn)函》。培訓(xùn)時(shí)間、地點(diǎn)、住宿等詳細(xì)信息請(qǐng)以《培訓(xùn)報(bào)名確認(rèn)函》書面通知為準(zhǔn),敬請(qǐng)留意。謝謝!

聯(lián)系人:符小姐    電話:18588851172    QQ:674837974

網(wǎng)址:www.aokangtiyu.cn(中國培訓(xùn)易)

課程名稱:企業(yè)反舞弊調(diào)查中的電子取證技巧指導(dǎo)及案例分享       時(shí)間地區(qū):_____________

公司全稱: 

聯(lián)系人

 

部門

 

公司網(wǎng)址

 

聯(lián)系電話

 

傳真

 

聯(lián)系郵箱

 

公司地址

 

郵編

 

參會(huì)人數(shù):        

參會(huì)人員資料

姓名

職務(wù)

電話

手機(jī)

E-mail

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

付款方式: □ 轉(zhuǎn)帳 □ 現(xiàn)金 (請(qǐng)選擇 在□打√) 注:部分地區(qū)不可現(xiàn)金


單位匯款帳戶:(轉(zhuǎn)到該賬戶請(qǐng)一定要用購買方公司賬戶進(jìn)行公對(duì)公轉(zhuǎn)賬)

開戶人: 廣州必學(xué)企業(yè)管理咨詢有限公司

開戶行: 中國農(nóng)業(yè)銀行廣州天銀大廈支行

號(hào): 4405 8501 0400 08276

課程金額:__________

住宿要求(費(fèi)用自理,開課前三天預(yù)訂)

是否需要會(huì)務(wù)組協(xié)助安排住宿:  □是   □否  入住天數(shù)(  )天

入住時(shí)間  2025             □標(biāo)準(zhǔn)雙人間(  )間    □標(biāo)準(zhǔn)單人間(  )間                                             

發(fā)票信息:

一、增值稅普通發(fā)票(數(shù)電票):

公司名稱(發(fā)票抬頭):

納稅人識(shí)別號(hào):

發(fā)票內(nèi)容:1、*現(xiàn)代服務(wù)*培訓(xùn)費(fèi)  2*現(xiàn)代服務(wù)*咨詢服務(wù)費(fèi)  3、*現(xiàn)代服務(wù)*咨詢費(fèi)  4*現(xiàn)代服務(wù)*培訓(xùn)咨詢服務(wù)費(fèi)

 

二、增值稅專用發(fā)票(數(shù)電票):

公司名稱:

納稅人識(shí)別號(hào):

發(fā)票內(nèi)容:1*現(xiàn)代服務(wù)*培訓(xùn)費(fèi)