Computer Forensics

Overview

Learn the process, techniques and tools for performing a digital forensics investigation to obtain data related to computer crimes.

Digital forensics involves the investigation of computer-related crimes with the goal of obtaining evidence to be presented in a court of law.

In this course, you will learn the principles and techniques for digital forensics investigation and the spectrum of available computer forensics tools. You will learn about core forensics procedures to ensure court admissibility of evidence, as well as the legal and ethical implications.

You will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems.

You will also be guided through forensic procedures and review and analyse forensics reports. This offering is part of the Cybersecurity MicroMasters® Programme, offered through the edX® platform that prepares students to enter and advance in the field of computing security.

Associated Programmes:
MicroMasters® Programme: Cybersecurity

This course forms part of the Cybersecurity MicroMasters® Programme which, includes the following courses:

Cybersecurity Fundamentals
Learn cybersecurity fundamentals, including how to detect threats, protect systems and networks, and anticipate potential cyber attacks.
View the course

Cybersecurity Risk Management
Learn key principles of risk analysis, risk assessment and risk mitigation for information security using both qualitative and quantitative methodologies.
View the course

Computer Forensics
Learn the process, techniques and tools for performing a digital forensics investigation to obtain data related to computer crimes.
View the course

Network Security
Learn the process of network security, including intrusion detection, evidence collection, network auditing, and contingency planning against attacks.
View the course

Cybersecurity Capstone
Demonstrate the knowledge and skills acquired in the Cybersecurity MicroMasters Program.
View the course

Prerequisites:
Successful completion of CYBER501x Cybersecurity Fundamentals

edX® and MicroMasters® are registered trademarks of edX® Inc. All Rights Reserved.

  • Programme duration
    8 weeks
  • Estimated effort
    10 - 12 hours per week
  • Fee
    R2395
  • Institution
    RITx
  • Language
    English
Start Dates
 
  • Court admissibility investigative procedures
  • Attributes of various Windows and Unix/Linux file systems and file recovery processes
  • To identify and apply appropriate forensics tools to acquire, preserve and analyse system image
  • Review and critique a forensics report

Week 1: Digital Forensics Fundamentals

  • Introduction to Incident response
  • Digital forensics four-step procedure
  • Concepts: computer/network/Internet forensic and anti-forensics 

Week 2: Unix/Linux Fundamentals

  • Unix/Linux incident response tools
  • Unix/Linux file systems (Ext2/Ext3) 

Week 3: Unix/Linux Forensic Investigation

  • Unix/Linux forensics investigation steps and technologies
  • Unix/Linux forensics case studies 

Week 4: Windows Incident Response

  • Memory forensics
  • Windows incident response tools

Week 5: Windows fundamentals

  • Windows file systems
  • Windows forensics tools

Week 6: Windows Forensic Investigation

  • Windows acquisition
  • Windows forensics analysis – registry and other artefacts

Week 7: Advanced artefacts

  • Loadable kernel module rootkits
  • Steganography hiding, detection and analysis

Week 8: Review and Everything Together