The course covers forensics tools, methods, and procedures used for investigation of computer crime, techniques of data recovery, protection and gathering of evidences, and expert witness skills.
Upon successful completion of this course, the student will be able to:
(PO a, b, c, d, e, f, g, j, k)
1. Know and use the methodology commonly used in computer forensics investigations.
2. Know and use methods for evidence gathering.
3. Use and evaluate various techniques for evidence analysis in file systems, memory and networks.
4. Install, configure and use forensics tools.
5. Get acquainted with hardware devices used in computer forensics investigations.
6. Retrieve, manipulate and organize evidences systematically.
7. Work in team, write forensics reports and present them in public.
8. Know and use standards and legal regulations linked with computer forensics investigations.