CYB-243 Digital Forensics

4 Credit hours - 2 Lecture, 2 Lab

Prerequisite(s): Grade of “C” or better in CYB 223, CYB 226.

New SU26: Grade of "C" or better in CYB-123 and grade of "C" or better in CYB-226

Course Rationale:

Digital technologies are changing the face of business. As organizations rapidly embrace digital technologies such as cloud, mobile, big data and IoT, digital forensics is more relevant than before. The growing number of cybercrimes has changed the role of forensics from DNA to digital.

Catalog Description:

This class is designed to provide students with the skills necessary to perform an effective digital forensics investigation. The course presents a methodological approach to computer forensics, including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence. It is a comprehensive course covering major forensic investigation scenarios, enabling students to acquire hands-on experience with the forensic investigation techniques and standard forensic tools needed to successfully carry out a computer forensic investigation leading to prosecution of perpetrators.

Course Objectives

Upon completion of this course, students will be able to:

  1. Understand fundamental concepts of incident response and forensics, perform electronic evidence collection and digital forensic acquisition.

  2. Conduct thorough examinations of computer hard disk drives, and other electronic data storage media and recover information and electronic data from computer hard drives and other data storage devices.

  3. Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files, gather volatile and nonvolatile information from Windows, Mac and Linux, and recover deleted files and partitions in Windows, Mac OS X, and Linux.

  4. Perform data collection using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents.

  5. Conduct reverse engineering for known and suspected malware files, and identify data, images and/or activity which may be the target of an internal investigation.

Core Outcomes

Test Out Requirements
