Washington University, St. Louis Engineering

SEC040   Security
    Incident Response and Computer Forensics

| Code | Course Name | Dur. | Dates | Days & Times | Loc. | Certifications | Cost L1 | Cost L2 | Cost NM |
|------|-------------|------|-------|--------------|------|----------------|---------|---------|---------|
| SEC040 | Incident Response and Computer Forensics | 4 Eves | Oct 6-9 2014 | MTuWTh 5:30p-8:30p CT | | Security | 720 | 810 | 850 |
| SEC040 | Incident Response and Computer Forensics | 2 Days | Oct 8-9 2014 | WTh 9:00a-4:30p CT | | Security | 720 | 810 | 850 |

Description: This course provides a comprehensive overview of incident response & computer forensics. Topics include everything from establishing policies and procedures to collecting data from live Windows and Unix machines. Several hands-on exercises utilizing the HELIX Forensics CD will be incorporated into the course to allow you to perform live forensic analysis on the operating system. Tools include: Windows Forensics Toolchest (WFT), Incident Response Collection Report (IRCR2), First Responder's Evidence Disk (FRED), First Responder Utility (FRU), Md5 Generator, File Recovery, Rootkit Revealer and many others.

Audience: This course is for system administrators, incident responders, cyber security professionals and anyone interested in both the technical and non-technical aspects of computer incident response and forensic analysis.

Prerequisites: IT Security Fundamentals (SEC005), or equivalent experience.


  • Understand the types of risks and best practices for preventing these risks
  • Learn how to monitor computer systems for evidence of malicious activity
  • Understand the steps involved in the incident response process
  • Learn how to analyze data gathered during an investigation

  • Introduction
  • Real-World Incidents
  • Incident Response Process
  • Preparing for Incident Response
  • Incident Response Detection
  • Data Collection
  • Live Collections
  • Forensic Duplication
  • Network-based Evidence
  • Evidence Handling
  • Data Analysis
  • Computer Storage Fundamentals
  • Data Analysis
  • Computer Investigations
  • Network Traffic Analysis
  • Hacker Tools
  • Forensic Reports

Elective Hours (Cum. Classroom Time): 12

CEUs: 1.2


CAIT - Washington University in St. Louis School of Engineering & Applied Science

5 N. Jackson Ave, St. Louis, Missouri 63105
Phone: (314) 935-4444, Fax: (314) 935-4479