CYBV386 - Enterprise and File System Forensics (Linux)

Bachelor's Degrees

Defense & Forensics

Certificates

Cybersecurity Digital Forensics 

Course Description

CYBV 386 provides students with in-depth knowledge of conducting a forensic investigation focusing on Linux. Students will gain a better understanding of the internal operations of Linux and how to quickly and effectively conduct forensic investigations on Linux. Students will develop an understanding of forensics and incident response techniques and methodologies, including conducting live analysis; creating, mounting, and analyzing images; conducting memory analysis; and understanding advanced attack techniques.

Learning Outcomes

The student will:

  • Collect and analyze Linux digital artifacts
  • Develop methodologies to conduct digital forensic investigations for Linux
  • Conduct recovery of critical evidence on device storage

Course Objectives

The student will:

  • Perform live analysis on Linux systems locally and remotely
  • Demonstrate and understand acquisition techniques of volatile and non-volatile data
  • Extract and analyze digital artifacts to conduct a digital forensic investigation
  • Analyze the architecture and security mechanisms present in Linux
  • Evaluate and leverage open-source tools and Python and shell scripting to extract and analyze digital artifacts
  • Correlate data collected from attacks and develop comprehensive reports to support management decision making and potentially legal proceedings