Mar 28, 2024  
2015-2016 SGPP Catalog and Handbook 
    
2015-2016 SGPP Catalog and Handbook [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

IT437 Computer Forensics II (3 cr.)


This course provides an in depth examination of the technical tools and techniques utilized by computer forensics examiners. Topics include criminal timeline recreation, evidence recovery, and the most current PDA and cell phone investigative techniques. The focus is on deployment of an effective case management strategy to collect material, document findings, and archive results; the use of forensic tools to uncover obscured code, file mismatches, and invalid signatures; and the extraction of client and Web-based email artifacts using industry recognized tools.

Upon completion of this course, students are expected to be able to do the following:

  1. Collect and analyze network-based evidence in Windows and UNIX environments.
  2. Reconstruct Web browsing, e-mail activity, and Windows registry changes.
  3. Trace domain name ownership and the source of e-mails.
  4. Duplicate and analyze the contents of personal digital assistants and flash memory devices.
  5. Analyze server based hard disk partitions.
  6. Analyze file system data structures.
     



Add to Portfolio (opens a new window)