Graduate
https://youtu.be/dY4P1dwsPBE
Every Fall and Summer (Fall is Online Only)

Digital Forensics and Incidence Responses

This course teaches the fundamentals of incident response and digital device forensics. A systematic approach to incident response will be reviewed, focusing on the six steps of the incident response process (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned). This process is the baseline on which the technical aspects of this course rest. The technical aspects of this course cover, but are not limited to, preservation of data (dd, FTK Imager, DumpIt), data recovery (Scalpel, Foremost), forensic analysis (Sleuthkit, SIFT workstation, Volatility, RegRipper, Supertimeline, Autopsy), network investigations (Wireshark), and E-discovery. The legal aspects of both investigation and preservation will be discussed in the course as well. In addition to the weekly reading and individual projects, students are required to take part in class participation assignments and complete a final project.

Students taking this course should:
• Be proficient with Windows and either Linux or OSX (Understand OS structure)
• Understand basic Unix/Linux command line
• Be able to interpret basic programming syntax (Python)
• Understand how to operate virtual machines
• Be able to conjure up an intuitive and investigative mindset

Cybersecurity
Software
