Image for
Home

Digital forensics

  • Class 30
  • Practice 30
  • Independent work 120
Total 180

Course title

Digital forensics

Lecture type

Elective

Course code

21-02-560

Semester

3

ECTS

6

Lecturers and associates

Course overview

This module is designed for students to learn the necessary skills to perform an effective digital forensics investigation. The module presents a methodological approach to computer forensics.

Student will learn all steps that are needed in Digital forensics including:
• searching and seizing
• chain-of-custody
• acquisition
• preservation
• analysis
• reporting of digital evidence

This modules addresses the knowledge and understanding required for students to learn forensic investigation techniques and standard forensic tools necessary to successfully conduct a computer forensic investigation leading to prosecution of perpetrators.

Literature

Essential reading:
1. [Anon.], (2019). Certified Hacking Forensic Investigator, Albuquerque: Ec-Council

Recommended reading:
1. Carrier, B., (2005). File system forensic analysis. Boston: Addison-Wesley Professional.
2. Shinder, D.L. and Cross, M., (2008). Scene of the Cybercrime. Rockland: Syngress.

Further reading:
1. Garrison, C.P., (2010). Digital forensics for network, Internet, and cloud computing: a forensic evidence guide for moving targets and data. Rockland: Syngress.
2. Pearson, S. and Watson, R., (2010). Digital triage forensics: processing the digital crime scene. Rockland: Syngress.

Minimal learning outcomes

  • Conduct research of electronic data storage media and data recovery
  • Conduct research of network traffic and the history of the use of the Internet and the computer itself
  • Conduct research of mobile devices
  • Conduct research of memory
  • Conduct research of applications and databases
  • Conduct analysis of the log from network devices and computer equipment
  • Explain the concepts of forensics, performing electronic evidence gathering and digital forensics
  • Explain data and evidence handling procedures
  • Write a report after testing

Preferred learning outcomes

  • Conduct advance research of electronic data storage media and data recovery
  • Conduct advance research of network traffic and the history of the use of the Internet and the computer itself
  • Conduct advance research of mobile devices
  • Conduct advance research of memory
  • Conduct advance research of applications and databases
  • Conduct advance analysis of the log from network devices and computer equipment
  • Design solution for electronic evidence gathering and digital forensics
  • Design solution for data and evidence handling procedures
  • Write an Executive summary report
Preuzmi vodič za studente
Share: Facebook Twitter