Operating System Forensics II
This course dives into more advanced topics related to operating system forensics such as encryption, sandboxes, telemetry data, different system processes, and cloud applications. The course will also cover many user and system artifacts on various operating systems, such as but not limited to Linux and Mac. Students will conduct complex examinations by correlating between artifacts found on different operating systems in order to reconstruct a timeline of events that happened.
Prerequisite: FOR-230 with C or better