•    Employment
  •    Academia
  •    Research
    • NICE Framework
    • CAE Program

Host Forensics

The intent of the Host Forensics Knowledge Unit is to provide students with the ability to apply forensics techniques to investigate and analyze a host in a network.

Topics

  1. Timeline Analysis
  2. File Systems and File System Forensics
  3. Known File Filters (KFF)
  4. Live System Investigations
  5. File Carving

Outcomes

  1. Describe what can/cannot be retrieved from various Operating Systems,
  2. Describe the methodologies used in host forensics.
  3. File Carving

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.

  • Knowledge
  • Skills
  • Abilities
  • Tasks
ID DESCRIPTION
K0041 Knowledge of incident categories, incident responses, and timelines for responses.
K0017 Knowledge of concepts and practices of processing digital forensic data.
K0182 Knowledge of data carving tools and techniques (e.g., Foremost).
ID DESCRIPTION
ID DESCRIPTION
ID DESCRIPTION