IT436 Computer Forensics I (3 cr.) This course provides an introduction to the legal, technical, and investigative skills necessary to consider a career in computer forensics. Topics include the legal foundations for proper handling of traditional and electronic evidence, investigative tools and procedures, and an examination of large-scale attacks such as identity theft, fraud, phishing, extortion, and malware infections. The basics of conducting a computer forensics investigation, finding hidden data, and evaluating common computer forensic tools are covered.
Upon completion of this course, students are expected to be able to do the following:
- Respond to live incidents in both Windows and UNIX environments.
- Determine whether a security attack has occurred.
- Assemble a toolkit for use at the scene of a computer-related crime.
- Analyze volatile data, nonvolatile data, and files of unknown origin.
- Safely perform and document forensic duplications.
- Describe how data is organized, the booting process, and the hard disk technology utilized by modern computers.
- Analyze PC-based hard disk partitions.
- Describe file system data structures.
Add to Portfolio (opens a new window)
|