Add to collection(s) Add to saved
  1. Social Science
  2. Law
  3. Forensic Science

ISYS 377 CYBER FORENSICS COURSE SYLLABUS Spring 2014

advertisement 
ISYS 377 CYBER FORENSICS
COURSE SYLLABUS
Spring 2014
Time: MW 1:00-2:15 p.m.
Location: Hiner G14
Instructor: Dr. Glenn S. Dardick, Ph.D.
Office Telephone: 434-395-2377
Office Location: Hiner G13
Office Hours: MW: By Appointment
Course Description: This is a fundamental required course as part of an interdisciplinary curriculum that
is very much in demand in today’s society. This course covers cyber forensics as part of one of the three
academic areas in the interdisciplinary curriculum. The three areas covered are cyber security, cyber
forensics, and cyber policy and law. This class covers methods and tools for gaining forensic information
from computer systems and networks. It includes case studies of cybercrimes as well as the application and
management of cyber forensics. The course introduces students to forensics tools using hands-on
experience and the Internet. 3 credit.
Prerequisites: ISYS 370 or CMSC 121 or permission of instructor.
Required Text: This course requires a bundle of the following three textbooks. The ISBN for this bundle
is 9781111124304. EC-Council series. Boston, MA: Cengage, 2010.
 Computer Forensics: Investigation Procedures and Response, 1st ed. ISBN-10: 1435483499.
ISBN-13: 9781435483491.
 Computer Forensics: Hard Disk and Operating Systems, 1st ed. ISBN-10: 1435483502. ISBN13: 9781435483507.
 Computer Forensics: Investigating Data and Image Files, 1st ed. ISBN-10: 1435483510. ISBN13: 9781435483514.
Materials: The student is required to have, and bring, a notebook computer.
Course Objectives: Students completing this course will become familiar with the core digital forensics
tools and the environment in which they are used. Students will also become familiar with rules of evidence,
eDiscovery and various cyber laws relative to digital forensics.
Course Contents:
 Computer Forensics and Investigation Processes.
 Computing Investigations.
 The Investigator's Office and Laboratory.
 Data Acquisitions.
 Processing Crime and Incident Scenes.
 Working with Windows and DOS Systems.
 Current Computer Forensics Tools.
 Computer Forensics Analysis.
 Virtual Machines, Network Forensics, and Live Acquisitions.
 E-mail Investigations.
 Mobile Device Forensics.
 Report Writing for High-Tech Investigations.
 Expert Testimony in High-Tech Investigations.
1

Ethics and High-Tech Investigations.
Class Schedule: Class section meets for approximately 45 hours – 3 hours per week for 15 weeks. The
attached table outlines the course schedule and content.
Grading: The grade in this class will be determined using the following components. The component and
weighting of each component is as follows:
Final Exam
Test1
Test2
Test3
Quizzes
Assignments
Project
Total
15%
10%
10%
10%
18%
12%
25%
100%
(15pts)
(10pts)
(10pts)
(10pts)
(18pts)
(12pts)
(25pts)
(100pts)
Grading:
90 – 100
80 - 89
70 - 79
60 - 69
under 60
A
B
C
D
F
Attendance Policy: The attendance policy follows the guidelines stated in the Longwood Catalog which
may be found at the following URL: http://www.longwood.edu/registrar/19343.htm#attendance
According to the attendance policy, instructors have the right to lower a student's course grade, but no more
than one letter grade, if the student misses 10% of the scheduled class meeting times for unexcused
absences. Instructors also have the right to assign a course grade of "F" when the student has missed a total
(excused and unexcused) of 25% of the scheduled class meeting times. Students must assume full
responsibility for any loss incurred because of absence, whether excused or unexcused. All work missed
because of absences will receive a grade of zero. Excused absences are those resulting from the student’s
participation in a university-sponsored activity, from recognizable emergencies, or from serious illness.
Make-ups: Missed quizzes cannot be made up and count as a 0. In exceptional cases such as medical
emergencies, requests and acceptable justification for rescheduling of an exam may be made to Dr. Dardick
at least 24 hours before the scheduled test date. Make-ups will be given at a time and in a form decided by
the instructor.
Honor Code: Students are encouraged to review the Longwood University Honor System detailed in the
Undergraduate Catalog: “Students are expected to assume full responsibility for their actions and refrain
from lying, cheating, stealing, and plagiarism.” Students must sign the Honor Pledge on all assignments
and exams in this class.
CBE Academic Dishonesty Policy: Cheating in any form will not be tolerated in the College of Business
and Economics (CBE). If the instructor determines that a student has cheated on an assignment, the grade
of “F” may be assigned for the entire course. “Cheating” is the use of unauthorized resources and/or work
of another including but not limited to homework, tests, papers, presentations and exams. Unless
specifically instructed otherwise, students are to assume that all coursework is to be the work of the
individual student alone. If a student is unsure as to whether collaboration is permitted, the professor should
be contacted in advance of performing the work.
Tests and Quizzes: All tests and quizzes taken must be taken in the assigned classroom (or the Learning
Center by prior arrangement). Test and quizzes will require a notebook computer able to connect to the
Longwood network. It is the student’s responsibility to assure that their computer is set up correctly.
Communications: We will be using the Longwood Canvas facilities and email.
2
Inclement Weather Policy: Check the Longwood Canvas system for notices and instructions concerning
this class. In cases of inclement weather, commuter and campus based disabled students will be permitted
to make decisions about whether or not to attend classes without penalty. If the University is open, it is
expected that residence students will attend all classes being held that day.
Learning Disabilities: Any student who feels that he or she may need accommodations based on a learning
disability should make an appointment to discuss the disabilities with the instructor or the staff at The Office
of Disability Resources (434-395-2391).
Comments: The instructor reserves the right to make any appropriate and necessary changes to the class
schedule and syllabus. Students are responsible for all materials covered in class as well as materials in the
textbook. If you must be absent, the instructor assumes that you have obtained notes from a classmate. Any
student having difficulty with the materials should make an appointment to see the instructor.
CLASS SCHEDULE
Wk
Day
Date
1
M
1/13
No class
W
1/15
Introduction
M
1/20
MLK Day – no class
W
1/22
Introduction
V1, Ch1: Computer Forensics in Today's
World
M
1/27
The Forensics Laboratory
V1, Ch2: Computer Forensics Lab
W
1/29
Investigations
V1, Ch3: Computer Investigation Process
V1, Ch4: First Responder Procedures
M
2/3
Computer Hardware and Devices
Assignment: Hardware
W
2/5
Computer Hardware and Devices
File Systems
V2, Ch1: Understanding File Systems and
Hard Disks
V2, Ch2: Understanding Digital Media
Devices
M
2/10
Forensics Software Applications
V3, Ch2: Data Acquisition and Duplication
Assignment: Software
W
2/12
Forensics Software Applications
V2, Ch4: Windows Forensics I
M
2/17
Forensics Software Applications
V2, Ch4: Windows Forensics I
W
2/19
M
2/24
Investigations
V1, Ch5: Incident Handling
W
2/26
Investigations
V1, Ch6: Investigative Reports
M
3/3
F
3/7
M
3/10
Investigations
W
3/12
Windows Forensics
2
3
4
5
6
7
8
9
Topic
Readings
TEST 1
Spring Break
Assignment: Testimony and Expert Witness
Reports
V2, Ch5: Windows Forensics II
3
10
11
12
13
14
15
16
M
3/17
Windows Forensics
V2, Ch5: Windows Forensics II
W
319
Windows Forensics
V2, Ch5: Windows Forensics II
M
3/24
Windows Forensics
V3, Ch4: Recovering Deleted Files and
Deleted Partitions
W
3/26
M
3/31
File Systems
W
4/2
Investigations
V2, Ch3: Windows, Linux and Macintosh
Boot Processes
V2, Ch7: Application Password Crackers
M
4/7
Graphics
V3, Ch5: Image File Forensics
W
4/9
Graphics
V3, Ch1: Steganography
M
4/14
File Systems
V2, Ch6: Linux Forensics
W
4/16
Forensic Software Applications
V3, Ch3: Forensics Investigations Using
EnCase
M
4/21
W
4/23
Project
F
5/2
3:00-5:30 p.m. – FINAL EXAM
TEST 2
TEST 3
4
Related documents
Digital Forensics and Cyber Psychology
Digital Forensics and Cyber Psychology
Information Systems and Internet Security (ISIS) Lab Some Recent
Information Systems and Internet Security (ISIS) Lab Some Recent
Digital…it`s how we live! - Expert Insights, Computer Forensics
Digital…it`s how we live! - Expert Insights, Computer Forensics
docx - Mickey Lasky
docx - Mickey Lasky
Taib investigation CC#98
Taib investigation CC#98
PPT Presentation - Projects at Harvard
PPT Presentation - Projects at Harvard
In-Class #10
In-Class #10
Qualifying Digital Forensic Practitioners as Expert
Qualifying Digital Forensic Practitioners as Expert
Dead-box and Live-box analysis - PSNA CET
Dead-box and Live-box analysis - PSNA CET
IRP 4 Forensics
IRP 4 Forensics
Download
advertisement