CYBV381 - From Incident to Digital Forensics

CYBV381
From Incident to Digital Forensics

Bachelor's Degrees

Certificates

Cybersecurity Digital Forensics 

Course Description

CYBV 381 provides students with the foundational knowledge of the Incident Response process leveraging the PICERL framework and NIST guidelines from the context of investigating incidents under the umbrella of Digital Forensics. Students will learn aspects of Incident Response, Forensics Fundamentals, Network Evidence Collection, Host and Network based evidence acquisition and analysis, and introduce Forensics Reporting, Malware Analysis, and Threat Intelligence.

Learning Outcomes

The student will:

  • Understand the incident response process and how to create and deploy these capabilities.
  • Understand how to acquire and handle evidence for later analysis
  • Analyze data to determine the root cause of an incident and develop reports to inform management or to be used during civil or criminal proceedings 
  • Evaluate incident response processes and integrate digital forensics techniques and procedures into the incident response process

Course Objectives

The student will:

  • Develop and incident response plan to support company policies
  • Acquire forensic artifacts from various operating systems, network devices, and data repositories such as system logs
  • Conduct in depth analysis of digital artifacts to determine the root cause of the incident
  • Develop comprehensive reports to support decision making by senior management or to be used during legal proceedings