IS 392 Information Systems Forensics Internals—Auditing
Examines the tools and techniques used in the recovery of information-systems-generated artifacts used to aid forensic evidence collection and timeline corroboration. Students will examine system policies, auditing techniques, authentication methods, and event and system logging techniques for the family of Windows and Mac operating systems. Students will review documented prosecutions and investigations where operating system artifact recovery led to a successful resolution.
Prerequisite(s): A grade of "C" or better in IS 231