Advanced Computer Forensics
NETV 477 is an advanced computer forensics course that provides students an in depth knowledge of network forensics, network flow analysis, network intrusion detection systems, event reconstruction and memory forensics for Windows, Linux and MAC operating systems.
The student will:
- Be able to conduct network protocol analysis and network flow analysis o Conduct Network Forensics investigations and understand Network Forensics Investigative Methodology.
- Conduct Windows, Linux and MAC Memory Forensics.
- Identify sources of information about threats to an organization.
- Event Reconstruction through locating malware in process memory and Memory acquisition.
- Conduct Malware Forensics by detecting compromised systems and understand malware and associated vulnerabilities to produce IDS signatures.