In this course, students explore the essentials of electronic discovery and analyze issues related to cyber evidence. Using this evidence, students identify and analyze the nature of security incidents, the source of potential threats and the methods used in incident management and mitigation. Students also analyze the technical and business issues which affect the actions of the enterprise in responding to a security incident.
By the end of this course, the student should know or be able to:
- To analyze the nature of computer security incidents and the source of potential threats.
- To prepare a report which shows knowledge of a methodology for end-to-end incident management and mitigation.
- To analyze and evaluate the business and non-technical drivers, as well as technical issues associated with incident management.
- To examine the rules of evidence to electronic security incidents in the identification of criminal actions using network trace back and computer forensics and create a plan to mitigate those incidents.