Back to Course List

Cyber Incident Response and Computer Network Forensics

Course Description

This course will introduce the principles and general practice of incident response, including an overview to digital and network forensics.  It will define what constitutes an incident, what is meant by incident response, the attack lifecycle, and goals of incident response.  The course will discuss building an incident response team, the steps in the process, and preparing for incident response.  Students will understand the process of detecting and characterizing an incident, collecting and analyzing data, and the process of remediation.  The course will then provide a deeper dive into the practice digital forensics, specifically focusing on computer, mobile, network, and database forensics.  It will outline the investigative and analysis process, survey tools, digital evidence, and briefly touch on the law.


3 units