News
05.09.2019
|
Exam resultsThe results for the 2nd final exam should now be visible in the CMS. The exam inspection will take place in building C3.1, room 0.04. |
04.09.2019
|
Exam inspectionThe exam inspection of the 2nd exam will take place next Tuesday, 11:00 - 12:00; room TBA (most likely in building C3.1 or nearby). |
07.08.2019
|
Exam InspectionThe exam inspection will be next monday (12th August), 10:00 a.m., building C3.1, Room 0.01. Please do not forget your Student ID. |
30.07.2019
|
Exam resultsThe exam results are now in the CMS. You should have received a corresponding e-mail. A couple of remarks:
The exam results are now in the CMS. You should have received a corresponding e-mail. A couple of remarks:
|
25.07.2019
|
Additional exam informationThe data and time for the re-exam have been fixed: September 2, 13:30, Günter-Hotz-Hörsaal (same time and place as the first exam - not a typo). Both exams are scheduled to last 90 minutes. |
18.07.2019
|
Exam DetailsThe main exam will take place on 26.07.2019, 13:30 at the Günter Hotz Lecture Hall (E 2.2). The use of cheat sheets is not allowed. Please be there at least 15 minutes ahead of time. The planned date for the reexam is 2.9.2019, but this is not fixed yet. |
12.07.2019
|
Slides on Network MonitoringDue to a misunderstanding, the slides for the network monitoring chapter were uploaded with a delay. They are now available in the CMS. |
12.06.2019
|
No lecture tomorrowThe lecture tomorrow has to be cancelled. The tutorial will take place on Friday as usual. |
01.06.2019
|
Lecture Instead Of Tutorial Next WeekNext week there will be an additional lecture in the tutorial slot. The solutions of the mid term will be discussed in two weeks. |
31.05.2019
|
Reminder: (Voluntary) mid-term exam todayJust a quick reminder that we will have the mid-term exam in the tutorial today. The style is similar to the main exam, but participation is voluntary; it is mainly a tool for self-assessment. |
22.05.2019
|
Exam registration deadline now strictThe dean for student affairs (in computer science) has asked the lecturers to communicate the following information (which applies to all lectures): The deadline for registering for exams in lectures is now a strict deadline. Late registrations after the... Weiterlesen The dean for student affairs (in computer science) has asked the lecturers to communicate the following information (which applies to all lectures): The deadline for registering for exams in lectures is now a strict deadline. Late registrations after the deadline will only be processed by the study coordination in case of duly justified exceptions, such as illness. |
16.05.2019
|
No Lecture Today and Information about the Tutorial tomorrowAs already mentioned last week, there will be no lecture today. Next week, the Tutorial will probably be swapped with the lecture, i.e. Tutorial on thursday and lecture on friday within the usual time slots. In the Tutorial tommorrow, there will be... Weiterlesen As already mentioned last week, there will be no lecture today. Next week, the Tutorial will probably be swapped with the lecture, i.e. Tutorial on thursday and lecture on friday within the usual time slots. In the Tutorial tommorrow, there will be practical exercises again. We will need Volatility (https://www.volatilityfoundation.org/26) and the Test Image called "xp-laptop-2005-06-25.img" from this archive: https://www.cfreds.nist.gov/mem/memory-images.rar |
10.05.2019
|
Practical Exercise InformationWe will need two Test Images from https://www.cfreds.nist.gov/dfr-test-images.html for the exercises in the tutorial today, namely the first one "DFR-01" in NTFS and "DFR-11" in NTFS format. Here are the corresponding download links: We will need two Test Images from https://www.cfreds.nist.gov/dfr-test-images.html for the exercises in the tutorial today, namely the first one "DFR-01" in NTFS and "DFR-11" in NTFS format. Here are the corresponding download links: DFR-11: https://www.cfreds.nist.gov/dfr-images/dfr-11-mft-ntfs.dd.bz2 |
02.05.2019
|
Information about the Tutorial(s)It has been decided that there will be no additional tutorial slot, therefore we relocate the tutorial to the lecture hall (0.05, CISPA) just like last week. Concerning the tutorial tomorrow, there will be no practical exercise yet, this is postponed to next... Weiterlesen It has been decided that there will be no additional tutorial slot, therefore we relocate the tutorial to the lecture hall (0.05, CISPA) just like last week. Concerning the tutorial tomorrow, there will be no practical exercise yet, this is postponed to next week. Best, Nils |
18.04.2019
|
Anecdote on forensic analysis of persistent dataFor the German-speaking students, the anecdote on https://kanzleiundrecht.wordpress.com/2016/04/27/darf-es-etwas-weniger-sein/ shows how not to do computer forensics |
IT Forensics
The lecture deals with finding and evaluating legal evidence in IT systems, both for criminal prosecution and civil action.
Focus areas include, among others:
Processes of IT forensics (with a focus on incident response)
Analysis of storage media and file systems
Retrieval and analysis of RAM contents (e.g., cold boot attacks)
Attacks on passwords
(Basics of) evidence in civial actions and criminal proceedings
Role of technical experts in court