Course

Digital Forensics

Faculty
Commerce & Business Administration
Department
Computing Studies & Information Systems
Course code
CSIS 4150
Credits
3.00
Semester length
15 weeks
Max class size
Lecture: 35/Lab: 35
Method(s) of instruction
Lecture
Lab
Typically offered
To be determined

Overview

Course description
This course will provide a foundation of concepts in digital forensics including theory, technical tools and methodologies employed in this area. It is aimed at students with limited or no prior exposure to digital forensics. The students are expected to have prior knowledge of networking and network security concepts.
The students will learn digital forensics concepts, tactical issues, the methodologies used, and the tools needed to perform forensics investigations. Digital forensics for computers, networks, cell phones, GPS, the cloud and the Internet will be discussed. Students will get hands-on laboratory experience in using various digital forensic tools such as Autopsy/The Sleuth Kit, OSForensics, EnCase, FTK, Cellebrite, BlackLight or equivalent to apply the concepts learned in the course.
Course content
  1. Digital Forensics Profession and Investigations concepts.
  2. Data Acquisition and Evidence Discovery
  3. Digital Forensics Analysis and Validation.
  4. Current Digital Forensics Tools.
  5. Operating Systems Forensics
  6. Virtual Machine and Cloud Forensics.
  7. Live Acquisitions and Network Forensics.
  8. Email and Multimedia Investigations.
  9. Cell Phone and Mobile Device Investigations
  10. Anti-forensics methods/tools
Learning activities

Lectures, seminars, demonstrations, and hands-on exercises in the lab

Means of assessment

Means of Assessment*

Labs/Assignments/Project(s)

20-30%

Quiz(zes)**

10-20%

Midterm Examination**

25-35%

Final Examination**

25-35%

Total

100%

*Some of these assessments may involve group work.

**In order to pass the course, students must, in addition to receiving an overall course grade of 50%, also achieve a grade of at least 50% on the combined weighted examination components (including quizzes, tests, exams).

Students may conduct research as part of their coursework in this class. Instructors for the course are responsible for ensuring that student research projects comply with College policies on ethical conduct for research involving humans, which can require obtaining Informed Consent from participants and getting the approval of the Douglas College Research Ethics Board prior to conducting the research.

Learning outcomes

Upon successful completion of the course, the student will be able to:

  1. Describe the concept of digital forensics, and explain its utility in cyber security.
  2. Identify and summarize requirements, procedures and protocols involved to conduct a digital forensic investigation
  3. Demonstrate knowledge of the process of data acquisition, and identify digital evidence for forensic investigations
  4. Identify and demonstrate knowledge of file system, boot processes and registries for various operating systems.
  5. Use and apply various digital forensic tools to conduct forensic investigations including data acquisition, evidence discovery, validation, and analysis.
  6. Design, devise, implement and conduct forensic investigations with use-case scenarios involving multimedia, email, network, cloud, mobile, social networking and location-aware applications.
  7. Identify, describe and demonstrate knowledge of anti-forensic methods and tools.

 

Textbook materials

Textbook/Materials

Nelson, B., Phillips, A., and Steuart, C. Guide to Computer Forensics and Investigations. Latest edition.

OR

Other textbook approved by department

 

Recommended Reference (optional)

J. Sammons, The Basics of Digital Forensics, latest edition

Publisher: Syngress

 

Requisites

Prerequisites

Min grade C in (CSIS 2260 and CSIS 2270)

 

Corequisites

Nil

Equivalencies

Nil

Course Guidelines

Course Guidelines for previous years are viewable by selecting the version desired. If you took this course and do not see a listing for the starting semester / year of the course, consider the previous version as the applicable version.

Course Transfers

These are for current course guidelines only. For a full list of archived courses please see https://www.bctransferguide.ca

Institution Transfer details for CSIS 4150
College of the Rockies (COTR) COTR COMP 2XX (3)
Langara College (LANG) LANG CPSC 2810 (3)
Northern Lights College (NLC) No credit
Okanagan College (OC) OC COSC 1XX (3)
University Canada West (UCW) UCW CPSC 4XX (3)
University of Northern BC (UNBC) UNBC CPSC 4XX (3)
University of the Fraser Valley (UFV) UFV CIS 497C (3)
Vancouver Community College (VCC) No credit

Course Offerings

Winter 2025