This course focuses on cyber-attack prevention, planning, detection, and
incident response with the goals of counteracting cyber-crime, cyber terrorism,
and cyber predators, and making them accountable. Additional topics include
fundamentals of computer forensics, forensic duplication and analysis, network
surveillance, intrusion detection and response, incident response, anonymity,
computer security policies and guidelines, and case studies.
Course Learning Outcomes
- Understand fundamental concepts of incident response and forensics, perform electronic evidence collection and digital forensic acquisition
- Understand web application forensics and its architecture, interpret the steps for web attacks, Apache web server architecture and its log investigation
- Conduct thorough examinations of computer hard disk drives, and other electronic data storage media and recover information and electronic data from computer hard drives and other data storage devices
- Understand the strict data and evidence handling procedures, maintain an audit trail (i.e., chain of custody) and/or evidence of integrity, work on technical examination, analysis and reporting of computer-based evidence, preparing and maintaining case files
- Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images, and other files, gather volatile and non-volatile information from Windows, Mac, and Linux, and recover deleted files and partitions in Windows, Mac OS X, and Linux
- Understand network forensics and the steps involved, examine network traffic, understand email terminology and its characteristics, review the steps for investigating email crimes
- Understand the planning, coordination and direct recovery activities and incident analysis tasks, the examination of all available information and supporting evidence or artifacts related to an incident or event
- Perform data collection using forensic technology methods in accordance with evidence handling procedures, including a collection of hard copy and electronic documents, conduct reverse engineering for known and suspected malware files, and identify data, images and/or activity which may be the target of an internal investigation
- Perform mobile forensics and illustrate its architecture, determine the mobile storage and its evidence