In this subject students will acquire the knowledge, skills, and abilities to handle advanced incident handling scenarios, conduct formal incident investigations, and carry out forensic investigation of networks and hosts. Students will be required to pass the GIAC Certified Forensics Analyst (GCFA) industry certification exam to complete this subject.
No offerings have been identified for this subject in 2018.
SY/US
One session
School of Computing and Mathematics
Available only to students enrolled in the Master of Information Systems Security and Master of Management (Information Technology)
ITI500
- be able to demonstrate usage of a range of forensic tools and how they function;
- be able to describe the forensic methodology, tools, and techniques;
- be able to successfully solve a range of forensic case studies.
* File System Structures and Metadata
* FAT/NTFS/Ext2/Ext3 File System Essentials
* Evidence Handling and Integrity Best Practices
* Evidence Acquisition of Hard Drives and Volatile Data
* String Searching Utilizing Dirty Word Lists
* File System Timeline Analysis
* Data Recovery Techniques Using Strings and File Headers
* Forensic Hash Comparisons via Hash Databases
* Media Analysis of System Registry, Internet Activity, and File Metadata
* Application Footprinting
* USB Forensic Analysis
* Fuzzy Hashing
* Windows XP and VISTA Forensics
For any enquiries about subject selection or course structure please contact Student Central or ask@csu.edu.au or phone on 1800 275 278.
For further information about Charles Sturt University, or this course offering, please contact info.csu on 1800 275 278 (free call within Australia) or enquire online.
The information contained in the 2018 CSU Handbook was accurate at the date of publication: August 2018. The University reserves the right to vary the information at any time without notice.