Upon course completion, the student will be able to:
1. Define system forensics and understand how computers are used in crimes, and why system forensics is an essential part of information security.
2. Describe the functional, technical, and ethical roles of a system forensics specialist; and explain the importance of properly handling forensic evidence.
3. Recognize the many types of cybercrimes and list various sources of cyber threats.
4. Explain the challenges of system forensics and the factors associated with them.
5. Evaluate forensic tools, frameworks and processes.
6. Outline system forensics tools commonly used, and explain how to determine the best acquisition method.
7. Illustrate the importance of preserve a digital crime scene and how to collect forensic evidence.
8. Explain the purpose of a file system, information hiding techniques, and some of the key concepts in data recovery.
9. Describe the process of investigating email, networks, and mobile devices.
10. Explain how to minimize security threats in an organization and understand the effect of internal and external factors on system forensics.