CYB451 - Computer Forensics Lab
Course Description
This course focuses on a detailed approach to computer forensics and evidence analysis. In this course students will cover major forensic investigation scenarios that enable students to acquire necessary hands-on experience on forensic investigation techniques including Searching and Seizing Computers, Digital Forensics, First Responder Procedures, and Understanding Hard Disks and File Systems.
This undergraduate course is 5 weeks.
PLEASE NOTE:
Attendance and participation are mandatory in all university courses, and specific requirements may differ by course. If attendance requirements are not met, a student may be removed from the course. Please review the Course Attendance Policy in the Catalog for more information.
Course Objectives
Week 1
- Describe the challenges created by anti-forensic actions for forensic investigators.
- Examine anti-forensics techniques related to the deletion of files and password-protected files.
- Utilize forensics techniques to extract files and evidence from deleted files and password-protected files.
Week 2
- Examine anti-forensics techniques attackers use to avoid detection, including steganography, trial obfuscation, artifact wiping, data/metadata overwriting, and encryption.
- Examine anti-forensics countermeasures, including software tools.
Week 3
- Examine methods for collecting volatile and nonvolatile data in Windows machines.
- Analyze logs, memory, and registry in Windows machines.
- Examine the cache, cookies, and history recorded in web browsers.
- Compare different versions of Windows operating systems.
Week 4
- Examine methods for collecting volatile and nonvolatile data in Macintosh machines.
- Analyze Macintosh data and log files.
- Compare different versions of Macintosh operating systems.
Week 5
- Examine methods for collecting volatile and nonvolatile data in Linux machines.
- Analyze Linux-based shell commands and log files.
- Compare different versions of Linux operating systems.
Prerequisites
A prerequisite is required for this course. The purpose of a prerequisite is to ensure students have the knowledge and/or skills needed to be successful in the course. Students are required to take the courses in this bundle in the prescribed sequence to ensure the prerequisites are met.
CYB449 - Computer Forensics Investigative Process or equivalent
Disclaimers
The University of Phoenix reserves the right to modify courses.
While widely available, not all programs are available to residents of all states. Please check with an Enrollment Representative.
Transferability of credit is at the discretion of the receiving institution. It is the student’s responsibility to confirm whether or not credits earned at University of Phoenix will be accepted by another institution of the student’s choice.
If you have a question contact us at 866-354-1800.
This course belongs to the following bundles offer:
- Computer Hacking Forensics Investigator Course Collection : Computer Hacking Forensics Investigator Course Collection