Jan 15, 2025
CIS 370 - Network Forensics and Investigations
5 Credits
Students must be admitted to the appropriate BAS program to take this course. It is assumed that they have completed CIS 155 or its equivalent. This course focuses on tracking down network intruders and the tactics, techniques, and procedures they use. When, what, where, and how they were able to gain access gives a network administrator clues to design flaws in the network architecture and shortcomings in policies or procedures. This is a hands-on class in which students use common network tools used in investigations.
Pre-requisite(s): CIS 155 min 2.0
Program Admission Required: Yes
Admitted Program: BAS - CIS
Fees: CF
Quarters Typically Offered: Winter Evening, Spring Evening
Designed to Serve: For students admitted to the BAS program in CyberSecurity and Forensics.
Active Date: 20230320T11:43:23
Grading Basis: Decimal Grade
Class Limit: 24
Contact Hours: Lecture 44, Lab 22
Total Contact Hours: 66
Degree Distributions: ProfTech Course Yes, Restricted Elective Yes
Course Outline
- Review of networks and infrastructure
- Internet Protocols
- Review of Internet suite
- Vulnerabilities of the protocols
- Network based evidence
- Network device logging architecture and analysis
- Network evidence acquisition and analysis
- Network forensics
- Intrusion detection
- Malware and indicators of compromise
- Reporting events to a security operations center
- Applicable law and regulations
- Collecting evidence
Student Learning Outcomes
- Describe network architecture, protocols, and infrastructure, and the role of network design principles in investigations
- Explain tactics, techniques, and procedures of security incidents
- Explain and demonstrate the use of network monitoring tools and where network based evidence can be found
- Effectively perform event and flow analysis
- Analyze intrusion detection system events to generate intelligence
- Configure a collector/analysis stack and analyze events to mirror the responsibilities of a security analyst
- Investigate, analyze, and report on security events through research and open-source intelligence