Prerequisite: A minimum grade of “B-” in IT 518 or CS 524 or permission of the instructor. (3
Computer forensics is the analysis of computing and networking equipment to determine if
the equipment has been used for illegal, unauthorized or unusual activities. It also includes
monitoring a network for the same purpose. The theory, skills and tools needed in intrusion
detection and computer forensics are the major themes in this course. The course discusses
techniques for identifying threats, attacks and the axis of these attacks, including the various
types of malicious code. It also presents the conceptual and operational tools and techniques
necessary for analysis and resolution of problems with respect to attack tracing, system
recovery, continuity of operation, evidence collection, evidence analysis and prosecution.
Additional content includes technique, for mitigating security risks, effective use of filters and firewalls, and for recognizing attack patterns.