Module Descriptors
CYBERCRIME FORENSIC ANALYSIS
COCS70621
Key Facts
Faculty of Computing, Engineering and Sciences
Level 7
15 credits
Hours of Study
Scheduled Learning and Teaching Activities: 36
Independent Study Hours: 114
Total Learning Hours: 150
Assessment
- EXAMINATION - UNSEEN IN EXAMINATION CONDITIONS weighted at 100%
Module Details
Module Special Admissions Requirements
None.
Module Resources
Access to the Digital Forensic Lab,
Digital Forensics Software (EnCase, FTK, NetAnalysis)
Sanitised cases accumulated by the Faculty
Digital Forensics Software (EnCase, FTK, NetAnalysis)
Sanitised cases accumulated by the Faculty
Module Texts
Carvey H, Windows Forensics Analysis, Syngress, 2009, ISBN: 978-1-59749-9
Nelson B, A. Phillips, et. al, Guide to Computer Forensics and Investigations, 2010, Thompson, ISBN: 1435498836
Sammes T, B. Jenkinson, Forensic Computing: A Practitioners Guide, Second Edition 2010, Springer-Verlag, ISBN: 184996596X
Carvey, H, Windows Forensic Analysis DVD Toolkit 2nd Edition, Syngress, 2010 ISBN: 9781597494229
Nelson B, A. Phillips, et. al, Guide to Computer Forensics and Investigations, 2010, Thompson, ISBN: 1435498836
Sammes T, B. Jenkinson, Forensic Computing: A Practitioners Guide, Second Edition 2010, Springer-Verlag, ISBN: 184996596X
Carvey, H, Windows Forensic Analysis DVD Toolkit 2nd Edition, Syngress, 2010 ISBN: 9781597494229
Module Learning Strategies
The material will be presented through a combination of lectures, tutorials, practical exercises and directed self-study as a substitution for some tutorials.
Teaching will take place over 9 weeks and will be in the form of 1 lecture and 2 tutorial sessions per week. The lecture and the tutorial sessions could be combined to form a 4 hour teaching session.
Teaching will take place over 9 weeks and will be in the form of 1 lecture and 2 tutorial sessions per week. The lecture and the tutorial sessions could be combined to form a 4 hour teaching session.
Module Additional Assessment Details
2 hours end of semester Exam weighted at 100% (Learning Outcomes 1,2,3,4)
Module Indicative Content
This module covers the main aspects and concepts of forensic computing considering the topic in relation to individual and networked computer systems. In particular it will address:
An overview and introduction to forensic tools
Computer systems architecture and infrastructure
Internet, intranet, extranet, individual machines, organiser devices, mobile phones, and other mobile computing systems
Media and storage - file storage systems, media such as hard disks, network storage, Zip and floppy formats etc.
Files - deleted files, hidden files, monitoring processes, encryption issues, viruses and hacking
Watermarks, steganography, criminal activity tracking, logging, and packet sniffing
Data recovery and audit trails
An overview and introduction to forensic tools
Computer systems architecture and infrastructure
Internet, intranet, extranet, individual machines, organiser devices, mobile phones, and other mobile computing systems
Media and storage - file storage systems, media such as hard disks, network storage, Zip and floppy formats etc.
Files - deleted files, hidden files, monitoring processes, encryption issues, viruses and hacking
Watermarks, steganography, criminal activity tracking, logging, and packet sniffing
Data recovery and audit trails