Apr 20, 2024  
2018-2019 Course Catalog [ARCHIVED CATALOG]


CRJ 276 - Computer Forensics II

Credits: 3
Lecture Hours: 2
Lab Hours: 2
Practicum Hours: 0
Work Experience: 0
Course Type: Open
This course is a continuation of study relating to computer forensics and data recovery topics. Topics discussed in this course include the investigation and analysis of password-protected and encrypted data, slack space, swap files and portable data storage/communication devices including PDAs and mobile phones. Software and hardware tools are widely used through various case studies and exercises to reinforce discussion topics.
Prerequisite: CRJ 176  
Competencies
  1. Identify and analyze web browser-based data.
    1. Identify common web browser applications
    2. Define “cache” and “cookies”.
    3. Describe web browser data artifacts
    4. Recover data from browser caches, stored form information and other cookies
    5. Recognize “secure site” artifacts
  2. Identify and analyze e-mail evidence
    1. Identify common email applications
    2. Compare and contrast online versus offline email storage
    3. Describe email header contents
    4. Describe attachment encoding schemes
    5. Describe privacy/encryption typically used with email
  3. Describe simple data encryption and decryption techniques
    1. Document encryption breaking processes
    2. Describe brute-force encryption breaking attempts
    3. Describe dictionary-based encryption breaking attempts
    4. Utilize software tools to automate encryption breaking attempts and custom dictionary creation
  4. Describe and demonstrate “slack” space analysis
    1. Define “slack” as it applies to drives, partitions, clusters, and sectors
    2. Describe how data in slack originates through standard operations
    3. Describe clandestine use of slack for storage
    4. Identify and recover data in slack using common software tools
  5. Describe and demonstrate “swap” space analysis
    1. Define “swap space” and “virtual memory”.
    2. Identify BIOS/operating system-specific system settings used to configure swap
    3. Demonstrate analysis of swap space using common software tools 
  6. Describe and demonstrate recovery of user-intended, deleted data using common software tools
    1. Identify operating system-specific deletion schemes
    2. Compare and contrast data recovery and analysis from deleted versus re-formatted media
  7. Perform “real-time” investigation using investigative methods and software-based tools
    1. Maintain use of forensic duplicates for investigation unless absolutely unavailable
    2. Describe use of virtualization for investigation
    3. Demonstrate appropriate documentation procedures 
  8. Describe and demonstrate proper procedures for investigating mobile devices
    1. Compare and contrast portable data/communication devices with standard computers
    2. Define “SIM Card”, “iDEN”, “SMS”, “MMS”, “TDMA”, “CDMA”, “GSM”.
    3. Describe the purpose and demonstrate the implementation of network isolation techniques during acquisition and investigation
    4. Use common software tools for mobile device analysis to obtain pertinent information including Handset Time and Date, Serial Numbers, Dialed Calls, Received Calls, Phonebook, SMS, Calendar, Memos, To Do Lists, Pictures, Video, and Audio


