Gurumanie Singh Dhiman | CPRE536 Coursework

CPRE536: Computer and Network Forensics

CPRE536 introduces the fundamentals of computer and network forensics, including forensic duplication and analysis, network surveillance, intrusion detection and response, incident response workflows, and privacy protection techniques. The course also covers cyber law, policy, and communicating findings through court-ready reports and testimony.

Key topics

• Forensic duplication and chain-of-custody best practices
• Network surveillance and intrusion detection techniques
• Incident response processes and reporting
• Anonymity, pseudonymity, and privacy-preserving techniques
• Cyber law, security policy, and legal considerations for evidence
• Hands-on case studies emphasizing practical tool use

Hands-on labs

Labs emphasize practical experience with standard forensic tools and methodologies. Students work with tools such as FTK and EnCase for disk imaging, evidence analysis, and timeline creation. Exercises also include network packet capture and analysis, intrusion detection signatures, and preparing professional reports suitable for legal contexts.