SUNY Broome Community College

Jan 17, 2018

Website Catalog

CST 242 - Computer Forensics II


The second course in computer forensics takes the student deep into Windows and Linux. The student is introduced to many tools used to gather and analyze digital evidence. Critical skills are developed, including such data analysis methods as string searches, machine-code disassembly, log file analysis, data and file recovery, and both static and dynamic code analysis. Evidence from computers, networks, and routers is captured and analyzed. Real-world examples, as well as hands-on activities, reinforce the material and concepts.

Prerequisite - Corequisite
Prerequisite:  CST 212 Computer Forensics I

Credits: 3
Hours
2 Class Hours, 2 Laboratory Hours
Course Profile
Course Objectives:

1.  Examine the details of several common storage media and technologies, including floppy disks and hard disks, and the FAT and NTFS file systems.
2.  Engage in data analysis methods including log file analysis, string searches, protocol and code disassembly.
3.  Explore investigative techniques for locating evidence in different operating systems and routers.

 

Learning Outcomes of the Course:

Upon successful completion of this course the student will be able to:

1.  Describe the hardware fundamentals of computer storage, as in the operation of IDE and SCSI drives.
2.  Describe the software fundamentals of computer storage, as in the operation of the FAT and NTFS file systems.
3.  Describe the various methods available for analyzing data, including log file analysis, shell histories, recovering files, and file lists.
4.  Explain the different ways of gathering digital evidence on Windows, Linux, and other operating systems.
5.  Understand how to perform static and dynamic analysis on a hacker tool (virus, worm, etc.).
6.  Know what tools to use to gather digital evidence from a suspicious program.
7.  Know what tools to use to gather digital evidence on a computer network.
8.  Know what information a string search, disassembly, and hexadecimal dump provide about a suspicious program.
9.  Write a forensic report.


