This course will aim to train students to determine who is responsible for a malicious attack that happened on the computer while documenting the evidence and performing a proper investigation. It will also teach students how an organization should handle a cyber attack. Topics will include computer forensics, legal requirements for conducting an investigation, cloud incident response, mobile device incident response, network forensics, intrusion detection and analysis, and forensics tools.
- Conduct digital investigations that conform to accepted professional standards and are based on the investigative process: identification, preservation, examination, analysis, and reporting;
- Cite and adhere to the highest professional and ethical standards of conduct, including impartiality and the protection of personal privacy;
- Identify and document potential security breaches of computer data that suggest violations of legal, ethical, moral, policy, and/or societal standards;
- Apply a solid foundational grounding in computer networks, operating systems, file systems, hardware, and mobile devices to digital investigations and to the protection of computer network resources from unauthorized activity;
- Work collaboratively with clients, management, and/or law enforcement to advance digital investigations or protect the security of digital resources;
- Access and critically evaluate relevant technical and legal information and emerging industry trends;
- Communicate effectively the results of a computer, network, and/or data forensic analysis verbally, in writing, and in presentations to both technical and lay audiences.