At the "Forensic Analysis" course, the student will become familiar with techniques in the field of investigation of cyber attacks and providing evidence. Methods for collecting the necessary evidence, prosecuting attackers, conducting a security audit, and correct methods for identifying traces of attackers in the event of an attack by an cyber attack will be explained. In the classroom, the student gets familiar with most of the latest tracking tools, software or hardware tools that you can use to find traces of attackers through data that remains on infected systems. We will be dedicated to recovering deleted, corrupted, or encrypted files, and to developing an audit to prevent future attacks of a similar type.