May 17, 2022  
2020-2021 Course Catalog 
    
2020-2021 Course Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

NET 180 - Digital Forensic Analysis II

Credits: 3
Lecture Hours: 2
Lab Hours: 2
Practicum Hours: 0
Work Experience: 0
Course Type: Voc/Tech
This course is a continuation of study relating to digital forensic artifacts and data recovery topics. Topics discussed in this course include the investigation and analysis of common evidentiary artifacts that are recoverable in typical operating systems and applications used in computers and mobile devices.  Software and hardware tools are widely used through various case studies and exercises to reinforce discussion topics.
Prerequisite: NET 179  
Competencies
  1. Perform in depth analysis of Internet-based data.
    1. Make use of captured traffic
    2. Identify on-line data types
  2. Analyze e-mail evidence
    1. Identify common email applications
    2. Conduct email preservation
    3. Conduct searches across emails
    4. Describe email header contents
  3. Utilize simple data encryption and decryption techniques
    1. Document encryption breaking processes
    2. Identifying specific types of encryption used
  4. Identify specific artifacts from Microsoft operating systems, to include as applicable: Registry, Recycle Bin, Date and Time stamps, Master File Table, Metadata files, and Databases.
  5. Analyze artifacts from Apple operating systems
    1. Recover data from various locations within the operating system
    2. Distinguish types of data relevant for investigations 
  6. Utilize advanced aspects of industry standard forensic tools
    1. Demonstrate use of forensically sound tools
    2. Contrast the different tools used in industry: open source vs proprietary.
  7. Describe use of virtualization for investigation
  8. Demonstrate appropriate documentation procedures
    1. List the steps necessary for proper documentation
    2. Outline the procedures for chain of custody 
  9. Evaluate proper procedures for investigating mobile devices
    1. Compare and contrast mobile devices from standard computers
    2. Define common terms and acronyms associated with mobile devices
    3. Describe the purpose and demonstrate the implementation of network isolation techniques during acquisition and investigation
    4. Use common software tools for mobile device analysis to obtain pertinent information

 



Add to Portfolio (opens a new window)