CYBR-405
Catalog Description
Applied Digital Forensics and Incident Response. (3-0). Credit 3. Collection of digital evidence; digital evidence analytics; analysis of log data; malware triage; recover damaged digital evidence; write technical reports on malware and incidents; legal and ethical components of digital forensic science. Prerequisites: Junior or senior classification. Cross-listed with FIVS 405.
Course Learning Outcomes
Upon successful completion of this course, the student should be able to:
- Define the roles of a digital forensics investigator.
- Distinguish between different types of investigations.
- Apply the steps involved in a systematic approach to a digital investigation.
- Use available acquisition tools to acquire data from a suspect’s computer or device.
- Choose the appropriate digital forensics tools for an investigation.
- Explain the rules, procedures, and guidelines for collecting and controlling digital evidence.
- Locate and recover various types of files from different systems and contexts.
- Analyze, interpret, and validate data collected in an investigation.
- Generate reports using forensics tools.
- Explain the guidelines and procedures for giving testimony as an expert witness.
- Connect the knowledge gained from the course to earn relevant certifications and consider different career tracks.
Textbook and/or Resource Materials
Guide to Computer Forensics and Investigations, 7th edition
ISBN: 9798214403953
Grading Policy
All grades are weighted on a 4.0 system using the following allocation:
| Exams | 20% |
| Quizzes | 25% |
| Mock Forensics Report | 15% |
| Assignments | 15% |
| Labs | 25% |
| Total | 100% |
Grading Scale:
A= 90-100%
B= 80-89%
C= 70-79%
D= 60-69%
F= 59% and lower
Course Schedule
| Week | Topic | Required Reading |
|---|---|---|
| 1 | Understanding the Digital Forensics Profession and Investigations (Assignment 1) | Chapter 1 |
| 2 | Data Acquisition (Lab 1) (Assignment 2) | Chapter 4 |
| 3 | Processing Crime and Incident Scenes (Quiz 1) | Chapter 5 |
| 4 | Media Files and Digital Forensics (Lab 2) | Chapter 8 |
| 5 | Microsoft File Systems and the Windows Registry (Quiz 2) | Chapter 6; Handouts |
| 6 | Microsoft File Systems and the Windows Registry (Continued) (Lab 3) | Chapter 6; Handouts |
| 7 | Linux and Macintosh File Systems (Quiz 3) | Chapter 7 |
| 8 | Mobile Device Forensics (Lab 4) | Chapter 12 |
| 9 | Cybersecurity and Incident Response (Quiz 4) (Assignment 3) | Handouts |
| 10 | Network Forensics (Lab 5) | Chapter 10 |
| 11 | Cloud Forensics and the Internet of Anything (Quiz 5) | Chapter 11 |
| 12 | Email and Social Media Investigation (Lab 6) | Chapter 13 |
| 13 | eDiscovery (Quiz 6) (Assignment 4) | Chapter 14 |
| 14 | Report Writing and Testimony for Digital Investigations (Mock Report) | Chapter 2 |
| 15 | Ethics and Professional Responsibility (Final Exam, 20% of course grade) | Chapter 15 |