Incident Response & Digital Forensics

 

Course title   

Incident Response & Digital Forensics

Course Codes          

CS7505

Level  

7

Status            

Elective

Credits

15

Prerequisite 

None

Course offered in

Refer to Programme Course Selection Sheet, online

Duration

1 trimester

 

 

           

 

Aim

To provide students with the essential skills to conduct an investigation of compromised systems during or after a cyber/security incident.

 

 

Learning Outcomes

On successful completion of this course, the learner will be able to:

  1. Evaluate the use and application of incident response methodologies in dealing with system security-related incidents.
  2. Acquire and analyse live response data from compromised systems.
  3. Analyse memory for evidence of a compromise.
  4. Analyse file system and operating system artefacts for evidence of a compromise.
  5. Evaluate and apply tools and common processes in performing analysis of compromised systems.
  6. Apply research methods to obtain current knowledge of events and tools/support kits in the subject area.

 

Indicative content

  • Incident response methodologies
  • File system analysis
  • Operating system artefact analysis
  • Acquisition and analysis of data from ‘live’ systems
  • Memory analysis
  • Common methods used by malicious actors to compromise systems

Have a question
or feedback?

Call us on 0800 935 832
or send us a message