- Operating systems, log and configuration files, data redundancy and protection.
- Mobile phone analysis
- Access controls and encryption.
- Network activity monitoring and tracing.
- Standards for evidence handling e.g. ISO 17799
- Evaluation and reporting of evidence
- Computer systems architecture and infrastructure
- Internet, intranet, extranet, individual machines, organiser devices, mobile phones, and other mobile computing systems
- Firewalls and protection
- Intrusion and Intrusion Detection
- Legal context and structures, Expert testimony.
- Processing crime and incident scenes. Digital evidence controls.
- Forensic investigation and evidence handling

Isolated Forensic Analysis Lab
Forensic tool sets e.g. EnCase, FTK, XRY
Sanitized cases accumulated by the Faculty

Computer Forensics: Jump Start, Solomon M.G., Barrett, D., Broom, N. Sybex, 2005. ISBN : 0-7821-4375-X

Good Practice Guide for Computer Based Evidence. Association of Chief Police Officers (ACPO) of England, Wales and Northern Ireland.
http://www.7safe.com/electronic_evidence/ACPO_guidelines_computer_evidence.pdf

Task based assignment 100% - Learning outcomes 1, 2, 3 & 4.

A 3000 word report detailing an investigation into the evidence obtained as part of a cybercrime investigation

Practical tasks and tutorials will be used to re-enforce and apply theory to encourage an analytical and problem based approach to forensic investigation. 36 hours of intensive class contact over the period of a week

Embedded within the module will be the training to enable the student to take the XRY Logical certification

To attempt this module, you must pass the following modules or have RPL agreed by the course leader for this modules: COCS60635