This course introduces the student to the field of applied Computer Forensics as practiced by corporate security and law enforcement personnel. The emphasis is on “dead-box” (powered-off) data extraction and analysis with open-source tools. Topics covered include legal and regulatory issues, forensic imaging and data acquisition from a “dead” system, computer file systems (FAT/NTFS) and data recovery, Windows Registry and configuration records, Windows log analysis and operating system artifacts, memory dump analysis (RAM), software artifacts, computer network forensics, introductory mobile device forensics, case reporting and documentation, end-to-end computer forensic examinations, peer review, and testifying in court.
Course Offerings
There are no sections currently offered, however you can view a sample syllabus from a prior section of this course.