Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Digital Evidence Collection in an Enterprise Environment

Home » Training

Acronym
DECEE
Length
11 Training Days
Locations Offered
Glynco, GA

Description

The Digital Evidence Collection in an Enterprise Environment (DECEE) is designed to train criminal investigators (or those that routinely serve as part of the investigative team) to identify, search, seize and acquire digital media in a network environment. Investigators are routinely finding that the evidence they need in the furtherance of any investigation may be found on servers regardless of the type of investigation they are conducting. The purpose of this program is to give investigators an understanding of how to identify the server software in question, navigate this system, and collect evidence in a forensically sound manner.

The software and hardware issued during DECEE has been researched and tested in the classroom and in the field. Students will be trained on the use of this equipment during class. At the conclusion of this two-week program, the training participant will have demonstrated, through the successful completion of several practical exercises that they have a functional knowledge of Digital Evidence Collection in an Enterprise Environment.

Prerequisites

Applicant must be a law enforcement officer/agent with arrest authority in the prevention, detection, apprehension, detention and/or investigation of felony and/or misdemeanor violations of federal, state, local, tribal, or military criminal laws; or Direct Law Enforcement Support Personnel (DLESP); or employees of a federal, state, local, tribal or international agency who perform functions directly related to a law enforcement or Department of Homeland Security (DHS) mission but do not necessarily have the authority to carry and use firearms, make arrests and/or conduct searches with or without a warrant. This category of personnel may also include military personnel preparing for deployment. Must have successfully completed the Digital Evidence Acquisition Specialist Training (DEASTP) and the Seized Computer Evidence Recovery Specialist (SCERS) Training Program or equivalent for admission to the DECEE. This program is part of the FLETC's Cybercrime Track (FCT) or the Electronic Surveillance (ELSUR) Track. By entering FCT or ELSUR into the search window, other related Cyber Division programs can be found.

Required Training Materials

During DECEE students will be issued the following computer hardware and software items which they will take with them upon completion of the course:

  • MacBook Pro 13" with Retina display
  • Thunderbolt/USB3.0 External 2.5” hard drive
  • F-response Tactical
  • Windows 10 Professional x64
  • VMware Fusion
  • Windows Network Forensics and Investigations - Book

Program Syllabus/Curriculum

  • Electronic Law and Evidence
  • Network Investigations
  • Forensic acquisition of digital data in a Microsoft Windows, OSX and Linux environment

Program Contact Info

Glynco: (912)267-3447 
State and Local: (912) 261-4566

Related Programs:

  • Digital Evidence Acquisition Specialist Training Program
  • Seized Computer Evidence Recovery Specialist Training Program
     

Program Registration

Return to top