Module Descriptors
CYBERCRIME FORENSIC ANALYSIS
COCS70641
Key Facts
Digital, Technology, Innovation and Business
Level 7
15 credits
Contact
Leader: Pantaleon Lutta Odongo
Hours of Study
Scheduled Learning and Teaching Activities: 39
Independent Study Hours: 111
Total Learning Hours: 150
Assessment
  • AN ASSIGNMENT (3000 WORDS) weighted at 100%
Module Details
Module Additional Assessment Details
An assignmend of approximately 3000 words weighted at 100% (Learning Outcomes 1,2,3,4)
Module Indicative Content
This module covers the main aspects and concepts of forensic computing considering the topic in relation to individual and networked computer systems. In particular it will address:
An overview and introduction to forensic tools
Computer systems architecture and infrastructure
Internet, intranet, extranet, individual machines, organiser devices, mobile phones, and other mobile computing systems
Media and storage - file storage systems, media such as hard disks, network storage, Zip and floppy formats etc.
Files - deleted files, hidden files, monitoring processes, encryption issues, viruses and hacking
Watermarks, steganography, criminal activity tracking, logging, and packet sniffing
Data recovery and audit trails
Module Special Admissions Requirements
None.
Module Resources
Access to the Digital Forensic Lab,
Digital Forensics Software (EnCase, FTK, NetAnalysis)
Sanitised cases accumulated by the Faculty

Module Texts
Windows Forensics Analysis, Carvey H, 2009, Syngress, ISBN: 978-1-59749-9
Guide to Computer Forensics and Investigations, Nelson B, A. Phillips, et. al, 2010, Thompson, ISBN: 1435498836
Forensic Computing: A Practitioners Guide, Sammes T, B. Jenkinson, Second Edition 2010, Springer-Verlag, ISBN: 184996596X
Windows Forensic Analysis DVD Toolkit, Carvey, H, 2nd Edition 2010, Syngress, ISBN: 9781597494229
Module Learning Strategies
The material will be presented through a combination of lectures, tutorials, practical exercises and directed self-study as a substitution for some tutorials.

13 hours of lectures an 26 hours of practicals .

Web Descriptor
You will gain a comprehensive understanding of the main aspects and concepts of forensic computing in relation to individual and network computer systems. On this module you will use a variety of resources, including digital forensics software such as EnCase, FTK, and NetAnalysis.

In particular it may address:
An overview and introduction to forensic tools
Computer systems architecture and infrastructure
Internet, intranet, extranet, individual machines, organiser devices, mobile phones, and other mobile computing systems
Media and storage - file storage systems, media such as hard disks, network storage, Zip and floppy formats etc.
Files - deleted files, hidden files, monitoring processes, encryption issues, viruses and hacking
Watermarks, steganography, criminal activity tracking, logging, and packet sniffing
Data recovery and audit trails