Course Overview

  • What are course description?

    “Every touch leaves a trail”, this is a very famous Forensic saying and can be applied to Digital Forensics as well. Every activity that we perform is always stored on our system itself. Even if we delete these trails, somewhere or the other they still reside on the system.Such a place in Windows based OS’s is Registry. Windows Registry is a central hierarchical database that maintains configuration settings for the application,hardware devices and users.It has all types of sensitive records of different users activities performed on the system. It’s a Goldmine of Information for both System Admins as well as Digital Forensic Analyst.


    Windows is the most used Operating System in the world that has a market base of more than 70%. So, the demand of Professionals who have a good grasp of Windows is very much in demand. Windows is that operating system that can be most commonly found during Digital Forensic Investigation where it could be either a Victim System, or the Attacker System or both.Windows always keeps a log of all activities of it users even after the users delete it. One of the similar Window’s Goldmine for Information is Registry. It is a Centralized Database that stores all the configuration files along with the activities performed. In this course, we teach students how to extract meaningful information out of the Registry Hives. This can be done both manually as well as via tools also. In tools we cover FTK Imager which is used for examining Registry Hives. We guide how to and where to find different meaningful information like Attached USB Devices information, Network Devices Information,Created User Account Details, Application details and much more things. At the end we conclude with Digital Forensics Report Writing because the information we extracted doesn’t seems to be of any use until presented in a well formatted easy to understand manner.


    Certified Ethical Hackers, Certified Digital Forensic Analysts,SOC Aspirants,SOC L1,L2 Analysts, Security Consultants, IT Security Managers,Risk and COmpliance Managers Incident Response Individuals,Engineers, IT Professionals,Network Administrators,Law Enforcement Officials,Private Investigators,DFIR Individuals.


    Yes, during the training, students are given several mandatory projects and assignments to enhance skills and gain some professional exposure.


    Basic Knowledge of Cyber Security,Networking, Malware Analysis Skills,Basic Knowledge of Incident Response and Digital Forensics


    Certificates are valid after 3 years. After expiry, certificates can be renewed by giving a certificate renewal exam.


    Introduction to Windows OS

    Introduction to File Systems and Storage Techniques

    Introduction to Digital Forensics

    Windows Registry

    Registry Hives

    Manual Registry Analysis

    Manual Registry Analysis

    FTK Imager

    Registry Analysis by Registry Viewer

    USB Device Details

    User Details

    Application Details

    Exam & certification

    • Eligibility for Certification?

      Students with scores above 70% in the exams are only eligible for Certificates

    • Charges For Certification?

      The Price for Certification is also included in the course fee. No extra charge is needed for Certificates

    • Validity of Issued Certificates?

      All the issued certificates are valid for 3 years from the Date of Issue.It can be renewed after clearing the renewal examination.

    Course advisor

    CDI Team

    CDI is an emerging Information Security company with an Aim to provide Information Security Solutions to clients with a wide array of platforms: Networks, Web Applications,Servers and Databases.


    • Is the Course For Beginners?

      No, This course demands at least some basic knowledge of Cyber Security concepts along with other concepts like Malware Analysis,Incident Response and Digital Forensics Specifically.

    • Scope of the Domain/Skill/Certification?

      This is a widely demanded skill of Registry Analysis and while investigating Windows System, Registry analysis is one very important factor making these skilled professionals in demand always.

    • Can Entry Level Cyber Sec Professional Enroll?

      - No, Entry Level Cyber Security Professional cannot Enroll for this Course as it requires some experience or knowledge in the domain of Cyber Security and Digital Forensics.

      Request more information