Choose your session:
About this courseSkip About this course
Digital forensics involves the investigation of computer-related crimes with the goal of obtaining evidence to be presented in a court of law.
In this course, you will learn the principles and techniques for digital forensics investigation and the spectrum of available computer forensics tools. You will learn about core forensics procedures to ensure court admissibility of evidence, as well as the legal and ethical implications. You will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems. You will also be guided through forensic procedures and review and analyze forensics reports.
This offering is part of the RITx Cybersecurity MicroMasters Program that prepares students to enter and advance in the field of computing security.
At a glance
- Language: English
- Video Transcript: English
- Associated programs:
- MicroMasters® Program in Cybersecurity
- Associated skills: Linux, Forensic Sciences, Microsoft Windows, File Systems, Cyber Security, Computer Forensics, Unix, Digital Forensics
What you'll learnSkip What you'll learn
- Court admissibility investigative procedures
- Attributes of various Windows and Unix/Linux file systems and file recovery processes
- To identify and apply appropriate forensics tools to acquire, preserve and analyze system image
- Review and critique a forensics report
Week 1: Digital Forensics Fundamentals Introduction to Incident response digital forensics four-step procedure Concepts: computer/network/Internet forensic and anti-forensics
Week 2: Unix/Linux fundamentals Unix/Linux incident response tools Unix/Linux file systems (Ext2/Ext3)
Week 3: Unix/Linux Forensic Investigation Unix/Linux forensics investigation steps and technologies Unix/Linux forensics case studies
Week 4: Windows Incident Response Memory forensics Windows incident response tools
Week 5: Windows fundamentals Windows file systems Windows forensics tools
Week 6: Windows Forensic Investigation Windows acquisition Windows forensics analysis – registry and other artifacts
Week 7: Advanced artifacts Loadable kernel module rootkits Steganography hiding, detection and analysis
Week 8: Review and Everything Together
More about this courseSkip More about this course
- A 64-bit version of Windows, Mac OSX, or Linux system as your core operating system that can install and run VMware virtualization products.
- 8 GB of RAM minimum
- USB port(s)
- 200+ Gigabyte Host System Hard Drive
- 50+ Gigabytes of Free Space
- Have the local administrator access