CYBR 672

Digital Forensics II

2 Graduate credits
Effective May 6, 2020 – Present

Graduation requirements this course fulfills

This course covers how to conduct successful digital forensic examinations in Windows, Linux, and Mac OS, the methodologies used, key technical concepts, and the tools needed to perform examinations. The required technical details of how each operating system works and how to find artifacts is also covered. Topics like File systems, data recovery, memory forensics, executable layouts are discussed in details. Moreover, Hands-On Network Forensics that starts with the core concepts within network forensics, including coding, networking, forensics tools, and methodologies for forensic investigations are covered.

Special information

First day attendance is mandatory.Prerequisites: Graduate standing. Note: Students are responsible to both be aware of and abide by prerequisites for CYBR courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.

Learning outcomes

General

  • Differentiate between different file systems used by modern operating systems
  • Conduct Memory Forensics to extract essential artifacts
  • Discover and interpret encrypted traffic
  • Correlate data collected from attacks
  • Apply a solid foundational grounding in computer forensics science by conducting acquisitions of locally attached devices with various state-of-the-art tools and validate the acquired images.
  • Sketch and recover various artifacts from the windows registry such as user account information and network address information.

Spring 2021

Section Title Instructor
01 Digital Forensics II Rabieh, Khaled Course details