Module Descriptors
DIGITAL FORENSIC FUNDAMENTALS (DISTANCE LEARNING)
COCS70629
Key Facts
Digital, Technology, Innovation and Business
Level 7
15 credits
Contact
Leader: Ange Aly
Email: ange.aly@staffs.ac.uk
Hours of Study
Scheduled Learning and Teaching Activities: 3
Independent Study Hours: 147
Total Learning Hours: 150
Pattern of Delivery
- Occurrence A, Stoke Campus, PG Semester 1
Sites
- Stoke Campus
Assessment
- Coursework - Assignment (3000 words) weighted at 100%
Module Details
Module Special Admissions Requirements
None.
Module Resources
Access to software emulators and open source applications.
Module Texts
Nelson, B. and Steuart, C. (2015), Guide to Computer Forensics and Investigations, 5th Edition, Course Technology Publishers, ISBN: 1285060032.
Bazzell, M. (2018), Open Source Intelligence Techniques: Resources for Searching and Analysing Online Information, CreatSpace Publishers, ISBN: 1984201573.
UK ACPO guidelines, Version 7.
Bunting, S. (2012) EnCase Computer Forensics -- The Official EnCE: EnCase Certified Examiner Study Guide, Sybex, ISBN: 0470901063
Carvey, H, (2010), Windows Forensic Analysis DVD Toolkit, Syngress, ISBN: 9781597494229.
Bazzell, M. (2018), Open Source Intelligence Techniques: Resources for Searching and Analysing Online Information, CreatSpace Publishers, ISBN: 1984201573.
UK ACPO guidelines, Version 7.
Bunting, S. (2012) EnCase Computer Forensics -- The Official EnCE: EnCase Certified Examiner Study Guide, Sybex, ISBN: 0470901063
Carvey, H, (2010), Windows Forensic Analysis DVD Toolkit, Syngress, ISBN: 9781597494229.
Module Learning Strategies
As a distance learning module, there will not be a traditional lecture every week. The main learning environment that will be used is our Virtual Learning Environment (VLE). Students will work through the module material provided on the VLE at a pace suggested by the instructors. The Instructors will monitor student progress, providing their expertise where necessary for assisting in solving problems. Students will be encouraged to discuss relevant aspects within discussion forums that are part of the VLE. The forums will allow discussion with a student's peer group as well as the module tutor.
Module Additional Assessment Details
An ASSIGNMENT weighted at 100%.
A practical portfolio backed up with 3000 words (excluding appendices). The portfolio will consist of a research based case study worth 50% (Learning Outcomes 1 to 3) and small artefact development to show the application of practical skills to a limited lab based scenario, worth 50% (Learning Outcomes 2 to 4).
A practical portfolio backed up with 3000 words (excluding appendices). The portfolio will consist of a research based case study worth 50% (Learning Outcomes 1 to 3) and small artefact development to show the application of practical skills to a limited lab based scenario, worth 50% (Learning Outcomes 2 to 4).
Module Indicative Content
This module covers the main aspects and concepts of digital devices and the significance of implementing forensic techniques to collect digital artefacts from individual and networked computer systems.
In particular it will address :
- Computer systems components, architecture, and infrastructure
- Storage devices, networked devices, the Internet, applications, registry and social media
- Media and storage
- File storage systems, media such as hard disks, network storage, Zip and floppy formats etc. - Files - deleted files, hidden files, monitoring processes, and encryption issues
In particular it will address :
- Computer systems components, architecture, and infrastructure
- Storage devices, networked devices, the Internet, applications, registry and social media
- Media and storage
- File storage systems, media such as hard disks, network storage, Zip and floppy formats etc. - Files - deleted files, hidden files, monitoring processes, and encryption issues
Module Learning Outcomes
1. DISCUSS CRITICALLY FUNDAMENTAL FORENSIC COMPUTING CONCEPTS AND COMPONENTS IN RELATION TO A TYPICAL COMPUTER SYSTEM.
Reflection
2. CRITICALLY DOCUMENT THE LOCATIONS OF FORENSICALLY SIGNIFICANT DATA AND THE MEANS TO RECOVER THIS INFORMATION USING A VARIETY ADVANCED INDUSTRIAL STANDARD TECHNIQUES. Knowledge & Understanding
3. EVALUATE THE IMPLEMENTATION OF ACPO GUIDELINES TO COLLECT AND PRESENT DIGITAL EVIDENCE. Problem Solving
4. PRESENT THROUGH SELF EVALUATION AND INTERPETATION THE LOCATION OF DIGITAL EVIDENCE WITHIN A DIGITAL DEVICE AND THE STEPS OF EVIDENCE PRESERVATION USING ADVANCED PROFESSIONAL PRACTICE THROUGH PRACTICAL INVESTIGATION AND ARTEFACT DEVELOPMENT. Communication
Reflection
2. CRITICALLY DOCUMENT THE LOCATIONS OF FORENSICALLY SIGNIFICANT DATA AND THE MEANS TO RECOVER THIS INFORMATION USING A VARIETY ADVANCED INDUSTRIAL STANDARD TECHNIQUES. Knowledge & Understanding
3. EVALUATE THE IMPLEMENTATION OF ACPO GUIDELINES TO COLLECT AND PRESENT DIGITAL EVIDENCE. Problem Solving
4. PRESENT THROUGH SELF EVALUATION AND INTERPETATION THE LOCATION OF DIGITAL EVIDENCE WITHIN A DIGITAL DEVICE AND THE STEPS OF EVIDENCE PRESERVATION USING ADVANCED PROFESSIONAL PRACTICE THROUGH PRACTICAL INVESTIGATION AND ARTEFACT DEVELOPMENT. Communication
Web Descriptor
This module covers the main aspects of digital forensics, tools and methodologies in computing system investigations and provides an understanding of device operations, the location of digital artefacts, and how to safely preserve and acquire digital evidence.