Cyber Forensics Artefacts and Caledonia
Cyber Forensics Artefacts introduces CDIC members to the common digital evidence types encountered in cyber investigations, including usernames, addresses, phone numbers, company identifiers, banking data, media files, domains, URLs, IP addresses, cryptocurrency records, and email evidence.
About This Course
Cyber Forensics Artefacts is a self-paced onboarding course designed for CDIC membership to build familiarity with the types of evidence commonly encountered during cyber investigations. The course introduces learners to the concept of cyber forensic artefacts and explains how different pieces of digital information can become investigative leads, evidence points, or sources for further research.
Learners will explore major categories of cyber artefacts, including names and usernames, physical addresses, phone numbers, company names, BIC/IBAN/SWIFT and bank-related identifiers, photos, videos, audio recordings, domains, subdomains, URLs, IPv4 and IPv6 addresses, MAC addresses, cryptocurrency wallet addresses, transaction IDs, and email addresses. The course also introduces learners to open-source tools and research resources that can support artefact validation, enrichment, metadata review, network investigation, blockchain exploration, and email header analysis.
By the end of the course, participants will understand how to identify cyber artefacts, determine what investigative value each artefact may provide, select appropriate research tools, and apply structured thinking when examining evidence in a cyber investigation. This course is intended as a foundational orientation for members who are new to cyber investigations, OSINT-style research, digital evidence handling, or cyber forensics workflows.
What You'll Learn
- By the end of this course, learners will be able to:
- Define cyber forensic artefacts and explain their role in cyber investigations.
- Identify common artefact types, including usernames, contact details, business identifiers, financial identifiers, media files, network indicators, cryptocurrency records, and email data.
- Distinguish between different investigative artefact categories and describe the type of information each may reveal.
- Use open-source research tools to conduct basic lookups on names, usernames, addresses, phone numbers, companies, domains, URLs, IP addresses, cryptocurrency wallets, and email addresses.
- Explain the investigative value of metadata found in photos, videos, audio files, documents, websites, and email headers.
- Recognize key network-related artefacts, including IPv4 addresses, IPv6 addresses, MAC addresses, domains, subdomains, and URLs.
- Describe how cryptocurrency addresses and transaction IDs can be used to trace or verify blockchain activity.
- Interpret basic email artefacts, including email reputation indicators, breach exposure, MX records, and message headers.
- Apply a structured investigative workflow when reviewing a cyber artefact.
- Document findings clearly and responsibly for use in a cyber investigation or intelligence report.
Course Curriculum
Assessments
Cyber Operations Process
5 questions • 70% to pass
Prerequisites
CDIC Initiations Training CDIC-INIT-001 (CDIC ONLY)
Instructor
Jonathan Williams
Super_Admin