Digital Forensics
Overview
The students will learn digital forensics concepts, tactical issues, the methodologies used, and the tools needed to perform forensics investigations. Digital forensics for computers, networks, cell phones, GPS, the cloud and the Internet will be discussed. Students will get hands-on laboratory experience in using various digital forensic tools such as Autopsy/The Sleuth Kit, OSForensics, EnCase, FTK, Cellebrite, BlackLight or equivalent to apply the concepts learned in the course.
- Digital Forensics Profession and Investigations concepts.
- Data Acquisition and Evidence Discovery
- Digital Forensics Analysis and Validation.
- Current Digital Forensics Tools.
- Operating Systems Forensics
- Virtual Machine and Cloud Forensics.
- Live Acquisitions and Network Forensics.
- Email and Multimedia Investigations.
- Cell Phone and Mobile Device Investigations
- Anti-forensics methods/tools
Lectures, seminars, demonstrations, and hands-on exercises in the lab
Means of Assessment*
Labs/Assignments/Project(s) |
20-30% |
Quiz(zes)** |
10-20% |
Midterm Examination** |
25-35% |
Final Examination** |
25-35% |
Total |
100% |
*Some of these assessments may involve group work.
**In order to pass the course, students must, in addition to receiving an overall course grade of 50%, also achieve a grade of at least 50% on the combined weighted examination components (including quizzes, tests, exams).
Students may conduct research as part of their coursework in this class. Instructors for the course are responsible for ensuring that student research projects comply with College policies on ethical conduct for research involving humans, which can require obtaining Informed Consent from participants and getting the approval of the Douglas College Research Ethics Board prior to conducting the research.
Upon successful completion of the course, the student will be able to:
- Describe the concept of digital forensics, and explain its utility in cyber security.
- Identify and summarize requirements, procedures and protocols involved to conduct a digital forensic investigation
- Demonstrate knowledge of the process of data acquisition, and identify digital evidence for forensic investigations
- Identify and demonstrate knowledge of file system, boot processes and registries for various operating systems.
- Use and apply various digital forensic tools to conduct forensic investigations including data acquisition, evidence discovery, validation, and analysis.
- Design, devise, implement and conduct forensic investigations with use-case scenarios involving multimedia, email, network, cloud, mobile, social networking and location-aware applications.
- Identify, describe and demonstrate knowledge of anti-forensic methods and tools.
Textbook/Materials
Nelson, B., Phillips, A., and Steuart, C. Guide to Computer Forensics and Investigations. Latest edition.
OR
Other textbook approved by department
Recommended Reference (optional)
J. Sammons, The Basics of Digital Forensics, latest edition
Publisher: Syngress
Requisites
Course Guidelines
Course Guidelines for previous years are viewable by selecting the version desired. If you took this course and do not see a listing for the starting semester / year of the course, consider the previous version as the applicable version.
Course Transfers
These are for current course guidelines only. For a full list of archived courses please see https://www.bctransferguide.ca
Institution | Transfer details for CSIS 4150 |
---|---|
College of the Rockies (COTR) | COTR COMP 2XX (3) |
Langara College (LANG) | LANG CPSC 2810 (3) |
Northern Lights College (NLC) | No credit |
Okanagan College (OC) | OC COSC 1XX (3) |
University Canada West (UCW) | UCW CPSC 4XX (3) |
University of Northern BC (UNBC) | UNBC CPSC 4XX (3) |
University of the Fraser Valley (UFV) | UFV CIS 497C (3) |
Vancouver Community College (VCC) | No credit |