Nov 21, 2019
CST 212 W - Computer Forensics I
This first course in computer forensics introduces the student to the nature of real-world security incidents and forensic examples. The student is introduced to the Incident Response process, a multi-step approach to the detection, analysis, and recovery from a security incident. Critical skills including data collection and duplication, evidence handling, and writing a forensic report are explored. There are numerous real-world examples presented, as well as practical, hands-on activities designed to show the student how to properly, and legally, handle digital and physical evidence.
Corequisite: CST 208 Introduction to Networking, ENG 110 College Writing I, ENG 111 College Writing II, ENG 107 English as a Second Language Advanced I, ENG 108 English as a Second Language Advanced II
2 Class Hours, 2 Laboratory Hours
- Examine the steps involved in incident response.
- Utilize techniques for gathering digital forensic evidence, duplicating it, and following proper chain-of-custody procedures.
- Explore the value of a forensic report.
Learning Outcomes of the Course:
Upon successful completion of this course the student will be able to:
- Describe different types of security incidents and the appropriate response for each.
- Describe the various steps involved in the incident response and recovery.
- Explain the different ways of gathering digital evidence on Windows, Linux, and other operating systems.
- Understand how to duplicate digital evidence and handle the evidence in a safe and legal manner.
- Know what tools to use to gather digital evidence on a computer network.
- Write a forensic report.
[Add to Portfolio]