The intent of the Host Forensics Knowledge Unit is to provide students with the ability to apply forensics techniques to investigate and analyze a host in a network.
- Timeline Analysis
- File Systems and File System Forensics
- Known File Filters (KFF)
- Live System Investigations
- Describe what can/cannot be retrieved from various Operating Systems,
- Describe the methodologies used in host forensics.
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.
||Knowledge of incident categories, incident responses, and timelines for responses.
||Knowledge of concepts and practices of processing digital forensic data.