National CAE Designated Institution
  • Classroom
  • Online, Instructor-Led

This course studies techniques and tools in computing investigation, digital evidence collection, recovery, and analysis.

Topics include: Legal issues relating to digital evidence, recover deleted files and discover hidden information, reconstruct user activity from e-mail, temporary Internet files and cached data, assess the integrity of system memory and process architecture to reveal malicious code.

Offered fully online or hybrid (1 lecture/week), 3 Credit hours. Instructor led.

Learning Objectives

  1. Define and explain the role of digital forensics in the incident response and investigatory process.
  2. Identify the requirements for proper evidence collection, handling and storage.
  3. Identify and explain basic techniques to properly collect and analyze evidentiary data using appropriate tools and techniques in common scenarios.
  4. Organize and present evidentiary data and investigatory findings for use in corporate or legal proceedings.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Digital Forensics
  • Cyber Investigation
  • Technology R&D

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.