Course Catalog Description: This course is designed to provide the student with a good understanding on the field of digital forensics. The course will focus on the field of Digital Forensics including legal and investigative viewpoints. Forensic analysis and digital evidence over a wide range of technologies (like Networks, mobile devices, and Windows, Linux, Mac and embedded systems) will be reviewed.

Required Text:

• Guide to Computer Forensics and Investigations, Processing Digital Evidence by Bill Nelson, Amelia Phillips, and Chris Stuart, Paperback: 752 pages, Publisher: Course Technology; 5 edition (January 15, 2015)ISBN-10: 1285060032, ISBN-13: 978-1285060033

Prerequisites: 

Student Learning Outcomes

1. Identify the major concepts in modern operating systems and the basic security issues in OS design and implementation (how the first principles of security apply to operating systems). [Operating System Concepts] (ILO 4; BASLO 1; ISALO 1, 2).
2. Describe what can/cannot be retrieved from various operating systems. [Host Forensics] (ILO 1, 4; BASLO 1, 3; ISALO 1,2).
3. Describe the methodologies used in host forensics. [Host Forensics] (ILO 1, 4; BASLO 1, 3; ISALO 1, 2).
4. Describe the methodologies used in network forensics. [Network Forensics] (ILO 1, 4; BASLO 1, 3; ISALO 1, 2, 3).
5. Analyze and decipher network traffic, identify anomalous or malicious activity, and provide a summary of the effects on the system. [Network Forensics] (ILO 1, 3, 4; BASLO 1, 2, 3; ISALO 1, 2, 3).
6. Describe methods and approaches for forensic analysis on specified media. [Media Forensics] (ILO 1, 4; BASLO 1, 2, 3).