MNIT Jaipur Syllabus Information Technology Digital Forensics

 

MNIT Jaipur Syllabus Information Technolog  Digital Forensics  

 Digital Forensics 

File System Forensics: Duplicating hard disks for “dead analysis”, reading hidden data on a disk’s Host

Protected Area (HPA), Direct versus BIOS access, dead versus live acquisition, Disk partitions – DOS,

Apple, and GPT partitions, BSD disk labels, Sun Volume; multiple disk volumes – RAID and disk

spanning; Analyzing FAT, NTFS, Ext2, Ext3, UFS1, and UFS2 file systems, Finding evidence: File

metadata, recovery of deleted files, Using The Sleuth Kit (TSK), Autopsy Forensic Browser, and related

open source tools

Web Forensics: network-based evidence in Windows and Unix environments, Reconstructing Web

browsing, e-mail activity, Tracing domain name ownership and the source of e-mails

System Forensics: Windows Registry changes, Duplicating and analyzing the contents of PDAs and

flash memory devices

Electronic document, computer image verification and authentication

Texts/References:

1. Brian Carrier. File System Forensic Analysis, Addison Wesley.

2. Chris Prosise, Kevin Mandia. Incident Response and Computer Forensics, McGraw Hill.

3. Linda Volonino, Reynaldo Anzaldua, and Jana Godwin. Computer Forensics: Principles and

Practices, Prentice Hall.

4. Keith J. Jones, Richard Bejtlich, and Curtis W. Rose. Real Digital Forensics: Computer Security

and Incident Response, Addison Wesley

5. Vacca, John R., Computer Forensics Computer Crime Scene Investigation, Charles River Media.

6. Nelson, Phillips, Enfinger, Steuart. Guide to computer Forensics and Investigation,  Course

Technology.

7. Papers from Journals/Conferences.

Leave a Comment