Computer and Network Security
Foundations in Cyber Investigations
Foundations in Cyber Investigations provides students with an understanding of cyber investigations entails, its impact on all forms of investigations, and practical acquisition and preservation methods of cyber based evidence. Cyber-crimes will be defined and categorized to ensure students have an overall comprehension of cyber investigations. Students are then educated on core Internet functions such as IP addressing, URLs, SMTP messages, etc. Recovery of web based artifacts and malware analysis are critical skills that are explained in fine detail. Legal matters pertaining to authority to perform cyber investigations, court issued subpoenas, legislation that affects cyber investigators, and certain factors that need to be considered are discussed in this course. Evidence collection measures, necessary equipment to conduct cyber investigations, and the role of forensic laboratories are important elements within cyber case management. Different interview techniques as well as identifying subject’s motives can help investigators obtain a better understanding of the subject(s). A review of different investigation methods used by military, civilian, corporate, and government agencies, to include covert online operations.
Prerequisite(s): CTA 206