Close Menu

Cyber Forensics, IT-S 538

About this Course: 

This course will address methods to properly conduct a computer and/or network forensics investigation including digital evidence collection and evaluation and legal issues involved in network forensics. Technical issues in acquiring court-admissible chans-of evidence using various forensic tools that reconstruct criminally liable actions at the physical and logical levels are also addressed. Technical topics covered include detailed analysis of hard disks, files systems (including FAT, NTFS and EXT) and removable storage media; mechanisms for hiding and detecting hidden information; and the hands-on use of powerful forensic analysis tools.

Course Status: 

Not scheduled

Prerequisites: 

IT-S 448 Cyber Security Technologies or equivalent experienced is required for enrollment.

Who Should Attend: 

Individuals who are interested in learning how to properly conduct a computer and/or network forensics investigation with various forensic tools.

Expected Outcomes: 

Upon completion of this course, participants should be able to perform cyber forensic analysis.

 

Course Outline: 

Introduction to network and computer forensics
Forensic tools and tool systems
Data acquisition and image creation
EnCase and AccessData forensic tools and crime forensic analysis
SleuthKit, hard disks, volumes and partitions
Master Boot Record (MBR) partitions and FAT file system
NTFS file system and GPT partitions
Linux boot, disk and partition
Linux file systems
Flash file systems
Image files and steganography, JPEG steganography and steganography
Steganalysis

Course Details: 

Grading/CEU award for this course includes assignments, exams, projects, labs and paper.