In this subject students will acquire the knowledge, skills, and abilities to handle advanced incident handling scenarios, conduct formal incident investigations, and carry out forensic investigation of networks and hosts. Students will be required to pass the GIAC Certified Forensics Analyst (GCFA) industry certification exam to complete this subject.
No offerings have been identified for this subject in 2019.
SY/US
One session
School of Computing and Mathematics
Available only to students enrolled in the Master of Information Systems Security and Master of Management (Information Technology)
ITI500
- be able to demonstrate usage of a range of forensic tools and how they function;
- be able to describe the forensic methodology, tools, and techniques;
- be able to successfully solve a range of forensic case studies.
* File System Structures and Metadata
* FAT/NTFS/Ext2/Ext3 File System Essentials
* Evidence Handling and Integrity Best Practices
* Evidence Acquisition of Hard Drives and Volatile Data
* String Searching Utilizing Dirty Word Lists
* File System Timeline Analysis
* Data Recovery Techniques Using Strings and File Headers
* Forensic Hash Comparisons via Hash Databases
* Media Analysis of System Registry, Internet Activity, and File Metadata
* Application Footprinting
* USB Forensic Analysis
* Fuzzy Hashing
* Windows XP and VISTA Forensics
For further information about courses and subjects outlined in the CSU handbook please contact:
The information contained in the CSU Handbook was accurate at the date of publication: May 2019. The University reserves the right to vary the information at any time without notice.