Cybersecurity Attack Incident and Artifact Gathering develops the skills needed to conduct incident response investigations, including memory, network, and host forensics.
What CTCH 660 covers
The development of the skills needed to conduct incident response investigations. The objective is to apply a dynamic incident response process to evolving cyber threats and develop threat intelligence to mount effective defense strategies. Ways that attackers scan, exploit, pivot, and establish persistence in the cloud and conventional systems are evaluated.
Emphasis is on understanding how to respond to incidents at a high level and on building important technical skills through hands-on labs and projects. Topics include what happens at each phase of incident response, as well as memory, network, host analysis, and forensics.
Typical CTCH 660 assignments
Expect a lab-based assignment requiring you to conduct an incident response investigation and document findings across memory, network, and host analysis.
Key topics in CTCH 660
- Incident response process
- Attacker persistence techniques (cloud and conventional)
- Threat intelligence development
- Memory, network, and host forensics
Writing tips for CTCH 660
Follow the assignment instructions and rubric line by line
UMGC graduate assignments for CTCH 660 are graded against a specific rubric or grading criteria your instructor provides — every requirement has to be visibly addressed. Skipping a requirement because it seems minor is one of the most common reasons a strong submission loses points.
Document your hands-on lab process, not just the final result
CTCH 660 is lab-intensive, and its written deliverables are usually graded on the process — the tools used, the steps taken, and the reasoning behind them — not just a final screenshot or outcome. A report that only shows the end state typically loses points for missing that documented process.
Cite current, credible cybersecurity sources
Cybersecurity threats, tools, and best practices change quickly. Strong CTCH 660 submissions cite current sources (NIST, CISA, vendor security advisories, recent peer-reviewed research) rather than relying on outdated general-IT sources.
Stuck on your CTCH 660 assignment?
Our writers know UMGC's course structure and this class's typical assignments. Get an original, properly cited paper matched to your syllabus and rubric.
Why students seek help with CTCH 660
Students sometimes address only one forensic angle (e.g., only network) instead of the memory, network, AND host analysis the course requires together — the rubric typically wants all three artifact types addressed.
How GradeEssays helps with CTCH 660
Share your CTCH 660 assignment and rubric, and your writer will help you cover the required memory, network, and host analysis dimensions.
Get Help With CTCH 660
Share your assignment instructions and rubric and we match you with a writer who knows this course and UMGC's grading standards.
Place Your Order View All ServicesPrerequisites and course context
CTCH 660 has no prerequisites. Students may receive credit for only one of CST 640 or CTCH 660.
Related courses
Frequently asked questions
No, CTCH 660 has no prerequisites.
CTCH 660 is a renumbered version of the older CST 640 code. Students may receive credit for only one of the two.