CYBV 384 provides students with in depth knowledge conducting a forensic investigation focusing on Windows Operating System (OS). It is estimated that approximately 80% of the desktop/laptop market share consists of Windows OS. It is critical for students to understand how Windows works and how to conduct a detailed investigation of this OS. During this course students will perform live analysis of Windows remotely and locally, understand how to and implement data acquisition, create timelines of system actions to identify how an incident occurred, and use various tools to recover and analyze data from file systems, the registry, and computer memory.
Course Units
3
Instructor(s)
- Joshua Moulin