JNTUH M.Tech 2017-2018 (R17) Detailed Syllabus Incident Response and Forensics

Incident Response and Forensics Detailed Syllabus for Cyber Forensics & Information Security / Cyber Security M.Tech first year second sem is covered here. This gives the details about credits, number of hours and other details along with reference books for the course.

The detailed syllabus for Incident Response and Forensics M.Tech 2017-2018 (R17) first year second sem is as follows.

M.Tech. I Year II Sem.

Course Objectives:

  • To understand real-world incidents
  • To carry out pre-incident preparation
  • To understand incident detection and characterization

UNIT – I: Real-World Incidents: What Constitutes an Incident?, What Is Incident Response?, Where We Are Now, Why Should You Care About Incident Response?, Concept of the Attack Lifecycle, IR Management Handbook: What Is a Computer Security Incident?, What Are the Goals of Incident Response?, Who Is Involved in the IR Process?, The Incident Response Process: Initial Response, Investigation, Remediation, Tracking of Significant Investigative Information, Reporting.

UNIT – II: Pre-Incident Preparation: Preparing the Organization for Incident Response, Identifying Risk, Policies That Promote a Successful IR, Working with Outsourced IT, Thoughts on Global Infrastructure Issues, Educating Users on Host-Based Security, Preparing the IR Team, Preparing the Infrastructure for Incident Response, Computing Device Configuration, Network Configuration.

UNIT – III: Incident Detection and Characterization: Collecting Initial Facts, Checklists, Maintenance of Case Notes, Building an Attack Timeline, Understanding Investigative Priorities, What Are Elements of Proof?, Setting Expectations with Management, Initial Development of Leads, Defining Leads of Value, Acting on Leads, Turning Leads into Indicators, The Lifecycle of Indicator Generation, Resolving Internal Leads, Resolving External Leads.

UNIT – IV: Data Collection: Live Data Collection, When to Perform a Live Response, Selecting a Live Response Tool, What to Collect, Live Data Collection on Microsoft Windows Systems, Prebuilt Toolkits, Do It Yourself, Memory Collection, Live Data Collection on Unix-Based Systems, Live Response Toolkits, Memory Collection.

UNIT – V: Forensic Duplication: Forensic Image Formats, Complete Disk Image, Partition Image, Logical Image, Image Integrity, Traditional Duplication, Hardware Write Blockers, Image Creation Tools, Live System Duplication, Duplication of Enterprise Assets, Duplication of Virtual Machines.

TEXT BOOK:

  • “Incident Response and Computer Forensics”, Kevin Mandia, Matthew Pepe, Jason Luttgens, 3rd Edition, McGraw-Hill Osborne Media, 2014.

REFERENCES:

  • “Handbook of Computer Crime Investigation: Forensic Tools and Technology”, Eoghan Casey, Academic Press.
  • “Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses”, Skoudis E., Perlman R., Prentice Hall Professional Technical Reference.
  • “Disk Detective: Secrets You Must Know to Recover Information From a Computer”, Norbert Zaenglein, Paladin Press.
  • “Guide to Computer Forensics and Investigations”, Bill Nelson, Amelia Phillips and Christopher Steuart, Cengage Learning.
