Welcome to the program
This unit will explore various options available to organisations in investigating problems and attacks on their computer systems.
We will consider a range of computer forensic frameworks and generate our own framework to assist organisations with systematically documenting, analysing and solving cybersecurity issues. We will also study exploitation techniques including shellcode, DLL hooking and authentication eavesdropping. We will learn how to use system log files, domain authentication and registry mechanisms to acquire digital evidence. We will identify the existence of rootkits and learn how to prevent attacks. The key focus of this unit is on the identification, preservation, analysis and presentation of digital evidence related to misuse of, or intrusion into, an enterprise-level system.