CST 212 W - Computer Forensics I
This first course in computer forensics introduces the student to the nature of real-world security incidents and forensic examples. The student is introduced to the Incident Response process, a multi-step approach to the detection, analysis, and recovery from a security incident. Critical skills including data collection and duplication, evidence handling, and writing a forensic report are explored. There are numerous real-world examples presented, as well as practical, hands-on activities designed to show the student how to properly, and legally, handle digital and physical evidence.
Corequisite: CST 208 Introduction to Networking, ENG 110 College Writing I, ENG 111 College Writing II, ENG 107 English as a Second Language Advanced I, ENG 108 English as a Second Language Advanced II
2 Class Hours, 2 Laboratory Hours
1. Examine the steps involved in incident response.
2. Utilize techniques for gathering digital forensic evidence, duplicating it, and following proper chain-of-custody procedures.
3. Explore the value of a forensic report.
Learning Outcomes of the Course:
Upon successful completion of this course the student will be able to:
1. Describe different types of security incidents and the appropriate response for each.
2. Describe the various steps involved in the incident response and recovery.
3. Explain the different ways of gathering digital evidence on Windows, Linux, and other operating systems.
4. Understand how to duplicate digital evidence and handle the evidence in a safe and legal manner.
5. Know what tools to use to gather digital evidence on a computer network.
6. Write a forensic report.
[Add to Portfolio]