CYBR 2215 Advanced Computer Forensics and Cyber Crime
Total Page:16
File Type:pdf, Size:1020Kb
Southern State Community College Curriculum Committee – SEPTEMBER 2016 CYBR 2215 – Advanced Computer Forensics and Cyber Crime Page 1 of 4
I. COURSE TITLE: Advanced Computer Forensics and Cyber Crime
COURSE NUMBER: 2215 CATALOG PREFIX: CYBR
II. PREREQUISITE(S): CYBR 1115 – Introduction to Computer Forensics and Cyber Crime
III. CREDIT HOURS: 4.0 LECTURE HOURS: 4 LABORATORY HOURS: OBSERVATION HOURS:
IV. COURSE DESCRIPTION: This course is an introduction into the concepts, terminologies, and terms to skillfully complete a computer investigation from acquiring digital evidence to reporting findings.
V. GRADING: Grading will follow the policy in the catalog. The scale is as follows:
A: 90 – 100 B: 80 – 89 C: 70 – 79 D: 60 – 69 F: 0 - 59
VI. ADOPTED TEXT(S):
Guide to Computer Forensics and Investigations, 5th Edition Cengage Learning Nelson ISBN: 978-1-285-06003-3
VII. COURSE OBJECTIVES:
1. Define computer forensics.
1 2. Describe how to prepare for computer investigations and explain the difference between law enforcement agency and corporate investigations. 3. Explain the importance of maintaining professional conduct. 4. Explain how to prepare a computer investigation. 5. Describe how to conduct an investigation. 6. List physical requirements for a computer forensics lab. 7. Explain ways to determine the best acquisition method. 8. Explain the rules for digital evidence. 9. List the steps in preparing for an evidence search. 10. Explain how to obtain a digital hash. 11. Review a case to identify requirements and plan your investigation. 12. List some options for decrypting drives encrypted with whole disk encryption. 13. Explain how the Windows Registry works. 14. Describe available computer forensics software tools. 15. List some considerations for computer forensics hardware tools. 16. Explain Macintosh file structures and the boot process. 17. Explain UNIX and Linux disk structures and boot processes. 18. Determine what data to analyze in a computer forensics investigation. 19. Describe methods of performing a remote acquisition. 20. Explain how to locate and recover graphics files. 21. Explain standard procedures for performing a live acquisition. 22. Explain standard procedures for network forensics. 23. Describe tasks in investigating e-mail crimes and violations. 24. Explain the use of e-mail server logs. 25. Explain the basic concepts of mobile device forensics. 26. Describe procedures for acquiring data from cell phones and mobile devices. 27. Explain how to use forensics tools to generate reports. 28. Explain guidelines for giving testimony as a technical/scientific or expert witness. 29. Explain how other organizations’ codes of ethics apply to expert testimony. 30. Describe ethical difficulties in expert testimony.
VIII. COURSE METHODOLOGY: Southern State Community College Curriculum Committee – SEPTEMBER 2016 CYBR 2215 – Advanced Computer Forensics and Cyber Crime Page 3 of 4
May include but not limited to: Lectures, independent and group projects, in-class and home assignments, tests, quizzes and lab exercises.
IX. COURSE OUTLINE:
Week 1: (Chapter 1) Installing forensics software Week 2: (Chapter 2) Understanding computer investigations Week 3: (Chapter 3) Disk image analysis Week 4: (Chapter 4) Data acquisition Week 5: (Chapter 5) Searching evidence Week 6: (Chapter 6) Windows registry Week 7: (Chapter 7) Working with evidence Week 8: (Chapter 8) Macintosh and Linus file systems Week 9: (Chapter 9) Computer forensics analysis and validation Week 10: (Chapter 10) Recovering graphics files Week 11: (Chapter 11) Live acquisitions Week 12: (Chapter 12) Analyzing email Week 13: (Chapter 13) Analyzing cell phone data Week 14: (Chapter 14) Reporting tools Week 15: (Chapter 15) Advanced forensics Week 16: Final Test
X. OTHER REQUIRED TEXTS, SOFTWARE, AND MATERIALS: Web-Based Labs Printed Access Card for access to the web- based labs for students.
XI. EVALUATION:
Instructor will specify which criteria will apply to particular assignments. Students will be expected to complete work utilizing course material covered. Other assignments, assessments, projects, presentations, hands-on exercises and reports may be assigned and graded at the discretion of the instructor.
XII. SPECIFIC MANAGEMENT REQUIREMENTS: None
XIII. OTHER INFORMATION:
FERPA: Students need to understand that your work may be seen by others. Others may see your work when being distributed, during group project work, or if it is chosen for demonstration purposes. Students also need to know that there is a strong possibility that your work may be submitted to other entities for the purpose of plagiarism checks.
DISABILITIES: Students with disabilities may contact the Disabilities Service Office, Central Campus, at 800-628-7722 or 937-393-3431.