• Online, Instructor-Led
Course Description

This course will aim to train students to determine who is responsible for a malicious attack that happened on the computer while documenting the evidence and performing a proper investigation. It will also teach students how an organization should handle a cyber attack. Topics will include computer forensics, legal requirements for conducting an investigation, cloud incident response, mobile device incident response, network forensics, intrusion detection and analysis, and forensics tools.

Learning Objectives

  • Conduct digital investigations that conform to accepted professional standards and are based on the investigative process: identification, preservation, examination, analysis, and reporting; 
  • Cite and adhere to the highest professional and ethical standards of conduct, including impartiality and the protection of personal privacy; 
  • Identify and document potential security breaches of computer data that suggest violations of legal, ethical, moral, policy, and/or societal standards; 
  • Apply a solid foundational grounding in computer networks, operating systems, file systems, hardware, and mobile devices to digital investigations and to the protection of computer network resources from unauthorized activity; 
  • Work collaboratively with clients, management, and/or law enforcement to advance digital investigations or protect the security of digital resources; 
  • Access and critically evaluate relevant technical and legal information and emerging industry trends;
  • Communicate effectively the results of a computer, network, and/or data forensic analysis verbally, in writing, and in presentations to both technical and lay audiences.  

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.