NWIT 264 - Network Forensics
Focuses on the technical aspects of network intrusions and discusses the methodology commonly used by attackers. The course begins with an overview of networking protocols and then addresses topics, such as session hijacking, capturing network traffic, and the importance of collecting volatile data. Students learn how to examine a compromised server or workstation in the field to obtain log files and forensic images of hard disk drives. Students examine server log files and forensic artifacts for evidence of the attacker’s methods and activities. PREREQUISITE(S): NWIT 170 or consent of department. Three hours each week.
3 semester hours
Upon course completion, a student will be able to:
- Demonstrate an understanding of common tool knowledge and hash sets.
- Perform host enumeration and port and vulnerability scanning.
- Create snapshot to triage and/or image powered-on computer systems.
- Describe Windows file sharing and vulnerabilities.
- Describe variety of network attacks.
- Perform incident response techniques and considerations.
Click here for the Fall 2019 Class Schedule
Click here for the Extended Winter 2020 Class Schedule
Click here for the Winter 2020 Class Schedule
Click here for the Spring 2020 Class Schedule
[Add to Favorites]