Forensics & Dis Response (CISC)

This class will introduce the students to investigating and analyzing computer systems and media using readily available open source tools. The student will use different forensic tools with Linux, OS X, and Windows systems. Well known forensic methods will be demonstrated using command-line and graphical open source computer forensic tools for examining a wide range of target systems and their artifacts. This is a hands-on course that requires prior knowledge of networking and Linux.

Prerequisite CISC 3391 with a grade of C or higher and departmental approval or admission to the Bachelor's program required. This course is an in-depth forensic analysis of Windows operating systems and media exploitation focusing on current and past Windows operating systems. The student will identify forensic evidence from a live Windows system as well as an acquired image. The course covers the use of open source tools and proprietary forensics tools. Forensics documentation and reporting including court room expert witness testimony procedures will be covered.