None
Course Number:
CSCI 4611
Approved Starting Semester:
Fall 2021
Course Title:
Computer Forensics and Incident Response
Credit Hours:
3
Course Description (Bulletin Description):
This course addresses the topics of computer forensics, incident response, cyber-crime and terrorism, cyber-crime investigation and prosecution. Students will learn about computer forensics, extracting and proper handling of evidence, and how an organization can setup a security response team, prepare for and manage security incidents.
Prerequisite:
CSCI 4200
Co-requisite:
None
Pre/Co-requisite::
None
Dual-Listed:
CSCI 5611
Course Objectives (Course-level Student Learning Outcomes):
At the completion of the course, the student will be able to: 1. Know computer forensics methods to determine the source of incident and how to preserve evidence 2. Learn about Computer Forensics and Investigation as a Profession, Computing Investigations including email, social media, cloud, and mobile device investigations, and the organization of the Investigator's Office and Laboratory 3. Understand how to do Data Acquisitions, process Crime and Incident Scenes, and use, Current Computer Forensics Tools 4. Learn about Linux and Windows boot Processes and File Systems, including Computer Forensics Analysis and Validation 5. Know how to recover Graphics Files, Network Forensics 6. Know the requirements for Report Writing for High-Tech Investigations and understand Expert Testimony in High-Tech Investigations 7. Understand what counter measures can be taking in response to an incident. Proactive and reactive responses: anti-virus protection, firewalls, patches. 8. Understand how to restore normal business practices – employee termination, law enforcement reporting process. How to properly handle reports of abuse.
Topics Covered (In Outline/Calendar):
• Basic Principles and methodologies for digital forensics • Design systems with forensic needs in mind • Rules of-Evidence- general concepts and differences between jurisdictions and Chain of Custody • Search and Seizure of evidence: legal and procedural requirements • Digital Evidence methods and standards • Techniques and standards for Preservation of Data • Legal and Reporting Issues including working as an expert witness • OS/File System Forensics • Application Forensics • Web Forensics • Network Forensics • Mobile Device Forensics • Computer/network/system attacks • Attack detection and investigation • Anti-forensics
Student Learning Outcomes:
- Analyze a complex computing problem and to apply principles of computing and other relevant disciplines to identify solutions. (SLO1)
- Design, implement, and evaluate a computing-based solution to meet a given set of computing requirements in the context of the program’s discipline. (SLO2)
Course Coordinator:
Dr. Saeid SamadiDana
Instructor-in-charge:
Dr. Saeid SamadiDana
Previous Professors:
Mr. Leonard Tharpe, Dr. Saeid SamadiDana
Technologies / Skills:
Computer security incident response
Textbook(s):
Fall/Summer 2025
Title: GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS
Edition: 6TH 19
Author: NELSON
Publisher: CENGAGE L
ISBN: 9781337568944
========================================
Go back to choose another course