3 Credit Hour Course
Intended For Level 0 Term 0 Students
Prerequisite:
Introduction to Digital Forensics: computer crimes, evidence, extraction, preservation, etc.; Analysis Techniques; Data Acquisition of physical storage devices: disk imaging, recovering swap files, temporary and cache files; Chain of custody; Overview of hardware and operating systems: structure of storage media/devices; Windows/Macintosh/Linux registry, boot process, file systems, file metadata; File carving and document analysis; Data recovery: identifying hidden data, Steganography, recovering deleted files; Memory forensics: Image acquisition, Memory image analysis using Volatility, Detecting code injection etc.; Cell phone and mobile device Investigations; E-mail forensics; Database forensics; Network forensics; Intrusion analysis; Virtual Machine and Cloud forensics; Application analysis; Computer forensic tools; Programming for digital forensics; Computer crime and legal issues; Forensic documentation.
