Inhalt
Inhalt |
This course is thought as a blended learning course.
It provides:
- an introduction to forensic sciences and procedures in general
- an introduction / reminder on IT security and safety
- an overview over IT forensics
- a theoretical background such as
+ Forensic principles
+ Evolution of IT forensics
- Systems forensics, including, but not limited to:
+ Disk forensics
+ Memory forensics
+ Network forensics |
Lernziele |
This course provides an introduction into IT forensics, i.e. the science of finding evidence in computer systems, networks and software.
After having attended this course, you should be able to:
- describe proper evidence handling
- explain forensic procedures in modern IT systems, including network, memory, and disk forensics
- provide a basic forensic examination of a modern IT system
The knowledge gained is both useful in forensic investigations to research computer related crime as well as in IT security incident response to understand the attack and provide adequate counter-measures. |
Voraussetzungen |
A good knowledge of hard- and software architecture, operating systems networking, protocols, programming, especially in C and Assembler, is highly advisable. |
Leistungsnachweis |
lt. SPO: K90 benotet
aktuelle temporäre SPO-Änderung: M |