Computer and Network Forensics
Catalog Description: Competence in using established forensic methods in the handling of electronic evidence; rigorous audit/logging and date archival practices; prevention, detection, apprehension, and prosecution of security violators and cyber criminals.
Total Credits: 3
Course Coordinator: James Alves-Foss
Prereq: CS 336 and permission.
Textbook: Phillips, Nelson, Enfinger, and Stuart, Guide to Computer Forensics and Investigations, Course Technology, 2006, or equivalent.
Major Topics Covered
- History and Definitions (1 hour)
- Investigative process, Investigative reconstruction (3 hours)
- Forensic tools (4 hours)
- Windows file systems (3 hours)
- Unix file system (4 hours)
- Unix processes in depth, root kits (3 hours)
- Network forensics (4 hours)
- TCT or Sleuthkit Lab (4 hours)
- Criminology, criminal intentions (3 hours)
- Criminal element, laws (5 hours)
- Expert testimony (3 hours)