Programme Outlines and Overviews
Forensics, Cybercrime, and Incident Response 7.5 credits
Course content
The course starts with discussing key standards and frameworks for incident response, key concepts relating to cybercrime, and digital elements in crime. The course includes technical concepts of network security, intrusion detection, security monitoring, and digital forensics. The course will also discuss digital evidence and the process of lawful evidence collection and elaborate on how forensic principles can aid the incident response process. During the course, students will gain hands-on experience with common tools and applications used for security monitoring, digital forensics, and intrusion detection.
The course includes the following elements:
- Key standards and frameworks for incident response (e.g., NIST SP800-61), different phases in the incident response plan, and handling of cybersecurity incidents
- Categories of cybercrime and cybercriminals
- Digital forensics and digital evidence, with emphasis on memory forensics
- Security monitoring, intrusion data analysis, security information, and event management (SIEM)
Entry requirements
Passed courses at least 90 credits within the major subject in Computer Science, Informatics, Information Systems, Computer Engineering, or the equivalent, and taken the course Penetration Testing, 7,5 credits or equivalent. Proof of English proficiency is required.
Level: Second cycle
Course/Ladok-code: T2FCOI
School: School of Engineering
Course information
- Type of courseProgramme instance course
- Type of instructionNormal teaching
- Semester2027 Week 12 - Week 22
- Study pace50%
- LocationJönköping
- Teaching hoursDay-time
- Tuition feeApplies only to students outside the EU/EEA/Switzerland.21375 sek
- Course SyllabusHTML (English)PDF (English)
- Occasion codeT1025
Content updated 2013-07-31
