I'm writing training reviews on my website:  Overall, the best place I've trained is probably Security University..... Security University Overall Score: 9.4
http://www.peteblack.com/blog/training/training-index.htm

Class outline of Tactical Forensics Skills necessary to respond to security incidents:

• Overview of Computer Crime
• Preparing sterile examination media
• Acquisition, collection and seizure of magnetic media.
• Documenting a "Chain of Custody"
• Windows and DOS forensics
• Working with NTFS
• Combing Partition table and boot record
• Investigating The Master File Table (MFT)
• Open source Forensics tools
• Investigating data streams
• File storage dates and times
• File deletion/recovery
• Recovering Internet Usage Data
• Recovering: Swap Files/Temporary Files/Cache Files
• Preservation and safe handling of original media
• Making bitstream copies of original media
• Common data hiding techniques
• Linux/Unix computer forensics
• Examining CD-ROM media
• Carving out files "hidden" in unallocated disk space
• Unlocking Password Protected Files
• Recovering deleted data from a cell phone
• Digital Camera Computer Forensics
• PDA Computer Forensics
• Issues when presenting data in court
• The marking, storage and transmittal of evidence.
• Use tools from Encase Forensic Edition, X-Ways Forensic Addition, Forensic TookKit (FTK), Linux dd, etc.

Real World Case Studies
Theft of Intellectual Property
Embezzlement
Employment disputes
Destruction / alteration of data
E-mail misuse

Course Includes 30 day free License of AccessData's FTK 2.0 :
AccessData's FTK suite is the premier software package for computer forensic analysis. All students are given the option of including FTK 2.0 with their student registration. Contact us for more details about this program.

Also a 1-year license of LSoft's Data recovery and Security Tools

Data Security Products Active@ Boot Disk ( LiveCD ) Data Recovery & Security Toolset Active@ KillDisk Secure Disk Format Utility Active@ Eraser Ultimate Data Security Solution Active@ ZDelete Personal Security Manager Active@ ZDelete.NET Enterprise Security Manager Active@ Disk Wiper Disk Free Space Secure Cleanup

Data Recovery Products Active@ UNDELETE 7 Data Recovery Software Active@ UNERASER Data Recovery Software for DOS Active@ Partition Recovery Partition Recovery Software Active@ File Recovery Data Recovery Software and Service Active@ Floppy Recovery Floppy Recovery and Imaging Active@ Password Changer Windows Password Recovery Software

FREEWARE Products Active@ NTFS Reader for DOS Freeware Reader of NTFS partitions Active@ ISO Burner Freeware tool to burn ISO image Active@ DVD Eraser Freeware tool to erase DVD/CD RW Active@ Hard Disk Monitor Freeware tool to check HDD status

Data Backup Products Active@ Disk Image Hard Disk Imaging & PC Backup Active@ ISO File Manager CD/DVD ISO imaging software Active@ Data CD/DVD Burner Backup your files onto CD/DVD

Required Prerequisites: Firm understanding of the Windows Operating System

Attendees can be:

• IT managers, network administrators, Windows administrators.
• Police and other law enforcement personnel
• Defense and Military personnel
• e-Business Security professionals
• Systems administrators
• Legal professionals
• Banking, Insurance and other professionals
• Government agencies 
• Desire for computer forensics training

Federation of Qualified/ Forensic Experts® Code of Ethics & Professional Standards for Members

• Each member agrees to conduct themselves with honesty, integrity, and impartiality in all matters associated with the Q/FE certification process and all examinations involving digital forensics, using established and validated principles.
• Each member shall strive to maintain objectivity with the highest of professional standards, and never engage in any unethical or illegal conduct.
• All members have the responsibility to maintain the integrity of the Q/FE.
• All members must recognize and adhere to confidentiality and attorney/client privilege.
• No member will misrepresent training, credentials or association membership, nor show bias or prejudice in findings or examinations.
• Each member will never knowingly undertake an assignment beyond his/her skills.
• Each member will work diligently to obtain evidence and or documentation that will establish a reasonable basis for any opinions presented, and examine all evidence in a case unless the scope of the examination is limited by court order, warrant or other court mandate.
• Each member agrees to comply with all legal instructions of the courts.
• Each member agrees to testify truthfully in any proceeding, and maintain the utmost objectivity in all testimony regarding forensic examinations.
• Each member shall avoid any action that would appear to be a conflict of interest.
• All members shall have no criminal record, nor any substantiated accusation of moral turpitude.
• Any applicant or member who becomes aware of any violation of the Code of Ethics & Professional Standards for Members is obligated to report same to the Director's Office.
• All applicants are responsible for their submittals for certification, and shall not collaborate with any other person, form or join any discussion groups, or otherwise circumvent the requirements for individual responsibility during the certification process.
• The Federation of Qualified/ Forensic Experts® and Q/FE® are trademarked and may not be used without the specific written permission of the Federation. Any violation of this provision shall result in immediate suspension from the certification process, revocation of any certification received and the forfeiture of any fees.
  
  
  Appendix I,II,III
  Internet Security
  Network security
  Threat MGT
  Virus /Malware
  IDS/IPS
  Protcol Analysis
  Application Security
  Code Review
  SDL Planning
  Risk Mgt
  COOP
  
  Legal Notice:
  
  The CHFI^® Certification is provided exclusively by EC-Council^® and its ATC's, Security University is not sponsored by, approved by, or affiliated in any way with EC-Council^®.