Forensics, Cybercrime, and Incident Response 7.5 credits
Course Contents
The course starts with discussing key standards and frameworks for incident response, key concepts relating to cybercrime, and digital elements in crime. The course includes technical concepts of network security, intrusion detection, security monitoring, and digital forensics. The course will also discuss digital evidence and the process of lawful evidence collection and elaborate on how forensic principles can aid the incident response process. During the course, students will gain hands-on experience with common tools and applications used for security monitoring, digital forensics, and intrusion detection.
The course includes the following elements:
- Key standards and frameworks for incident response (e.g., NIST SP800-61), different phases in the incident response plan, and handling of cybersecurity incidents
- Categories of cybercrime and cybercriminals
- Digital forensics and digital evidence, with emphasis on memory forensics
- Security monitoring, intrusion data analysis, security information, and event management (SIEM)
Prerequisites
Passed courses at least 90 credits within the major subject in Computer Science, Informatics, Information Systems, Computer Engineering, or the equivalent, and taken the course Penetration Testing, 7,5 credits or equivalent. Proof of English proficiency is required.
Level of Education: Second cycle
Coursecode/Ladok code: T2FCOI
The course is conducted at: School of Engineering
| Label | Value |
|---|---|
| Type of course | Programme instance course |
| Study type | Normal teaching |
| Semester | Spring 2027 |
| Study period |
week 12 - week 22
|
| Rate of study | 100% |
| Language | English |
| Location | Jönköping |
| Time | Day-time |
| Tuition fees do NOT apply for EU/EEA citizens or exchange students | 21375 SEK |
| Syllabus (PDF) | |
| Application code | HJ-T1025 |