May 05, 2024  
2022-2023 SGPP Catalog and Handbook 
    
Catalog Navigation
  Catalog Home
  Programs of Study
  Course Descriptions
  History
  Mission and Vision
  Accreditation and Certification
  Professional Licensure Disclosures
  The University
  Locations and Facilities
  Admission Policies
  Academic Policies
  Registration and Tuition
  University Conduct
  Academic Services
  Student Services
  Undergraduate College Programs in Winona
  Appendix
  Downloadable Print Version (PDF)
  Roster
  My Portfolio
HELP
2022-2023 SGPP Catalog and Handbook [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CYBR645 Incident Response and Investigation (3 cr.)


This course introduces the principles and best practices for incident response, along with an overview of digital forensics. Students understand the goals of incident response and learn how to prepare and respond to information security incidents and understand how the incident occurred.  Students understand the process of collecting and analyzing data, and the process of remediation. The course outlines the investigative and analysis process, tools, digital evidence, and applicable law with a focus on computer, mobile, network, and database forensics. 

Upon completion of the course, students are expected to be able to do the following:

  1. Implement the basics of evidence collection and documentation, reporting, investigative techniques, digital forensics tools, and procedures.
  2. Interpret requirements for investigation types of administrative, criminal, civil, regulatory, and industry standards and the associated costs.
  3. Identify the implications of data location in responding to security incidents.
  4. Conduct incident management through all stages of a breach with knowledge of detection, response, mitigation, reporting, recovery, and remediation.
  5. Adjust preventative measures in response to security incidents.       
  6. Implement recovery strategies such as backup, recovery sites, multiple processing sites, and system resilience via high availability, Quality of Service (QoS), and fault tolerance.
  7. Develop incident reports and analysis presentations.


Add to Portfolio (opens a new window)