Mar 29, 2024  
2018 - 2019 Catalog 
    
2018 - 2019 Catalog [ARCHIVED CATALOG]

CSI 230W - Network Forensics

Credits: 3
Develops skills in security incidents and intrusions, including: identifying and categorizing incidents, responding to incidents, log analysis, malware analysis, capturing volatile information, network traffic analysis, honeypots, honeynets, open source tools for incident response, creating an incident response team, and ethics in a digital investigation. 

Prerequisite(s): CSI 110W with a grade of “C” or better.
Corequisite(s): CST 152, CST 153
Lecture Hours: 45 Lab Hours: 0
Meets MTA Requirement: None
Pass/NoCredit: Yes

Outcomes and Objectives
  1. Identify INFOSEC principles.
    1. Identify various types of incidents.
    2. Describe investigative steps.
    3. Describe possible outcomes.
  2. Perform analysis of real malware.
  3. Recover volatile information from a running computer or network.
  4. Demonstrate understanding of steganography.
    1. Describe steganography.
    2. Identify a stego file.
    3. Recover a hidden message.
  5. Identify procedures used in network forensics.
  6. Identify major components of TCP/IP.
  7. Use a network monitoring tool (Wireshark) to identify normal and abnormal traffic.
    1. Identify a SYN scan.
    2. Identify password guessing.
    3. Identify downloading of protected intellectual property.
    4. Identify injection.
    5. Identify buffer overflow.
  8. Identify differences between network intrusion detection systems.
  9. Demonstrate understanding of a honeypot.
  10. Perform an incident response on a live system.
    1. Identify evidence from log files.
    2. Identify evidence from emails.
    3. Identify evidence from system configuration files.


