Module Descriptors
FORENSIC COMPUTING CONCEPTS
COCS70309
Key Facts
Faculty of Computing, Engineering and Sciences
Level 7
15 credits
Contact
Leader: Liam Owens
Email: Liam.Owens3@staffs.ac.uk
Hours of Study
Scheduled Learning and Teaching Activities: 48
Independent Study Hours: 102
Total Learning Hours: 150
Assessment
- EXAMINATION - UNSEEN IN EXAMINATION CONDITIONS weighted at 50%
- ASSIGNMENT weighted at 50%
Module Details
Module Learning Strategies
The material will be presented through a combination of lectures, tutorials, practical exercises and directed self-study as appropriate for
each topic. Related to teaching you will receive 2 lectures and 2 tutorial sessions per week.
(1:n)2 (1:20)2
each topic. Related to teaching you will receive 2 lectures and 2 tutorial sessions per week.
(1:n)2 (1:20)2
Module Resources
Net Analysis and Encase software
High power PC, additional hardware such as hard drives and cradle
Access to the internet
Library
High power PC, additional hardware such as hard drives and cradle
Access to the internet
Library
Module Special Admissions Requirements
None
Module Texts
Computer Forensics and Investigations, Phillips, A, Enfinger, F, and Nelson, B (2004), Course Technology, ISBN: 1592003826
Forensic Computing: A Practitioner's Guide, Sammes, A. J. , Jenkinson, B. (2000), Springer-Verlag, ISBN: 1852332999
Secret Software: Making the Most of Computer Resources for Data Protection, Information Recovery, Forensic Examination, Crime Investigation and More, Zaenglein, N (2000), Paladin Press, ISBN: 1581600887
Forensic Computing: A Practitioner's Guide, Sammes, A. J. , Jenkinson, B. (2000), Springer-Verlag, ISBN: 1852332999
Secret Software: Making the Most of Computer Resources for Data Protection, Information Recovery, Forensic Examination, Crime Investigation and More, Zaenglein, N (2000), Paladin Press, ISBN: 1581600887
Module Additional Assessment Details
Examination, 2 hours, 50% (Learning outcomes 1, 4 and 5)
Assignment 50% (Learning outcomes 1, 2 and 3)
Assignment 50% (Learning outcomes 1, 2 and 3)
Module Indicative Content
This module covers the main aspects and concepts of forensic computing considering the topic in relation to individual and networked computer systems. In particular it will address:
An overview and introduction to forensic tools
Computer systems architecture and infrastructure
Internet, intranet, extranet, individual machines, organiser devices, mobile phones, and other mobile computing systems
Media and storage - file storage systems, media such as hard disks, network storage, Zip and floppy formats etc.
Data usage patterns
Files - deleted files, hidden files, monitoring processes, encryption issues, virus's and hacking
Watermarks, steganography, criminal activity tracking, logging, and packet sniffing
Data recovery and audit trails
Firewalls and protection
An overview and introduction to forensic tools
Computer systems architecture and infrastructure
Internet, intranet, extranet, individual machines, organiser devices, mobile phones, and other mobile computing systems
Media and storage - file storage systems, media such as hard disks, network storage, Zip and floppy formats etc.
Data usage patterns
Files - deleted files, hidden files, monitoring processes, encryption issues, virus's and hacking
Watermarks, steganography, criminal activity tracking, logging, and packet sniffing
Data recovery and audit trails
Firewalls and protection