Computer Forensics introduction part A

Size: px
Start display at page:

Download "Computer Forensics introduction part A"

Transcription

1 Computer Forensics introduction part A Dr. Magdalena Szeżyńska, CISA Institute of Electronic Systems WUT Summer 2016

2 Digital Forensic Investigation Concepts A digital investigation is a process to answer questions about digital states and events. A digital forensic investigation is a special case of a digital investigation where the procedures and techniques that are used will allow the results to be entered into a court of law. Brian Carrier 2

3 Computer Forensics Forensics Computing Computer forensics is the process of identifying, preserving, analysing and presenting digital evidence in a manner that is legally acceptable. R. McKemmish 'What is Forensic Computing?' (Australian Institute of Criminology, 1999) 3

4 Course Objective To deliver baselines (practical, bottom-oriented knowledge) of sound computer forensics practices enabling information technology and information security professionals to ensure the overall integrity and survivability of their IT infrastructure. Actually one needs many years of training and practice to become a computer forensics specialist. You are going to get here an introduction to CF and some guidance about what to study next. 4

5 Course Description - Lectures Introduction to baselines of computer forensics definitions, needs, requirements, legal and ethical aspects; investigation phases preparations and start of an investigation, case study, analysis of evidence, documentation. Computer forensics as a part of information (systems) security controls information security incident response, legal and regulatory aspects, successful investigations, forensic analysis. The discovery, recovery, preservation, analysis and control of electronic evidence, presentation standards. 5

6 Course Description - Lectures Tools of trade (TCT, Sleuthkit, Autopsy, CF-oriented Linux distributions, solutions for other platforms, commercial tools, ediscovery). Virtualization and computer forensics. Booting processes, start disks, boot sectors and partitions, system loaders and managers, preparing and using bootable CD/DVD and USB images. File systems specifications, data structures, investigation techniques. 6

7 Course Description - Lectures Identifying data types, reconstruction and analysis of files and data areas in search of evidence, interpretation of system and application logs, proving break-ins. Mobile device forensics. Investigation of live systems and network data flows, searching for evidence on the Internet. Case studies. 7

8 Course Description - Labs Tutorial: getting familiar with the lab environment, recovering files from a formatted and/or reused thumb drive image emphasis on documentation. Making and analyzing an image of a FAT file system partition and recovering hidden data from it questions and answers. Analyzing an image of an NTFS file system partition and recovering hidden data from it, using Linux- and Windowsbased tools reconstructing timelines. 8

9 Course Description - Labs Two of four: Performing post-intrusion analysis of a Linux system (based on known source images and solutions). Analyzing a feature mobile phone (based on known source images and solutions). Analyzing Windows 7 everything is in the Registry. Searching for sources of evidence regarding Internet-based criminal activities, e.g. an operation of an Internet investment service (HYIP type). 9

10 Assessment Method Lectures: Two closed notes tests in the middle and at the end of the semester (25 points each). 3 extra points for attendance at lectures (roll-call at random 3 times during the semester). Labs: Five 3-hour labs starting with 10-minute short test, then strictly individual work with emphasis put on documentation. 5 x 10 points to earn. 10

11 Assessment Method No retakes. No requirement to pass lecture tests and labs separately. Final score: Points earned for tests and labs sum up, more than 50 points required to pass, linear grade scale (up to 60 points for 3, up to 70 points for 3,5 etc.) 11

12 ECTS Credits Contact hours 45 h: lectures 30 h labs 15 h Private learning: labs 20 h Office hours 2 h Private learning: studying literature 15 h Private learning: preparation for tests/exams 20 h Total: 102 h == 4 ECTS credits. Informatyka śledcza - w01a - informacje wstępne 12

13 Course Page Learning materials, announcements etc. will be published at the CF course page: Recommended software: Books and guides: Access to learning materials will require authentication. Individual user names and passwords will be issued to each student after they send an introductory to from their official address 13

14 Who s Who Magdalena Szeżyńska, PhD, CISA specialization: electronics and computer engineering, cryptography, information security, information systems audit and control, computer forensics, course coordination, lectures, office hours: Tue. 12:30-1:30 p.m. or by appointment, room 249GE, 14

15 Who s Who Krzysztof Gołofit, PhD (Eng), MSc specialization: electronics and computer engineering, cryptography, information security, information systems audit, computer forensics, work and organizational psychology, labs, support, office hours: by appointment, room 249GE, 15

16 Communication Please write to the official addresses of the teachers and (no alternatives shall be read and/or answered). s coming from addresses in the pw.edu.pl domain will be answered as soon as possible. s coming from elsewhere will be answered sporadically (if ever). 16

Tuskegee University Department of Computer Science Course No: CSCI 390 (Computer Forensics) Fall 2011 - MWF 1:00-2:300, BRIM 301

Tuskegee University Department of Computer Science Course No: CSCI 390 (Computer Forensics) Fall 2011 - MWF 1:00-2:300, BRIM 301 Tuskegee University Department of Computer Science Course No: CSCI 390 (Computer Forensics) Fall 2011 - MWF 1:00-2:300, BRIM 301 Instructor: Dr. C. L. Chen Office: In the office complex Phone: 727-8554

More information

CTC 328: Computer Forensics

CTC 328: Computer Forensics FALL 2010 CSUDH COMPUTER SCIENCE DEPARTMENT CTC 328: Computer Forensics Instructor: Adam Kaplan, Ph.D. E-Mail: akaplan@csudh.edu Office: NSM E-117 WWW (Blackboard Site): http://toro.csudh.edu Class Meetings:

More information

CYBER FORENSICS (W/LAB) Course Syllabus

CYBER FORENSICS (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 CYBER FORENSICS (W/LAB) Course Syllabus Course Number: CSFS-0020 OHLAP Credit: Yes OCAS Code: 8134 Course Length: 130 Hours Career Cluster: Information

More information

ITM 642: Digital Forensics Sanjay Goel School of Business University at Albany, State University of New York

ITM 642: Digital Forensics Sanjay Goel School of Business University at Albany, State University of New York INSTRUCTOR INFORMATION Name: Sanjay Goel Email: goel@albany.edu Phone: (518) 442-4925 Office Location: BA 310b, University at Albany Office Hours: TBD CLASS INFORMATION Time: N/A Location: Online Dates:

More information

DIGITAL FORENSICS SPECIALIZATION IN BACHELOR OF SCIENCE IN COMPUTING SCIENCE PROGRAM

DIGITAL FORENSICS SPECIALIZATION IN BACHELOR OF SCIENCE IN COMPUTING SCIENCE PROGRAM DIGITAL FORENSICS SPECIALIZATION IN BACHELOR OF SCIENCE IN COMPUTING SCIENCE PROGRAM Proposed Program Title: Bachelor of Science in Computing Science- Specialization in Digital Forensics Specialization

More information

Computer Forensics and Investigations Duration: 5 Days Courseware: CT 0619217065

Computer Forensics and Investigations Duration: 5 Days Courseware: CT 0619217065 Computer Forensics and Investigations Duration: 5 Days Courseware: CT 0619217065 Introduction The Computer Forensics and Investigation course presents methods to properly conduct a computer forensics investigation

More information

Kaspersky Lab s Full Disk Encryption Technology

Kaspersky Lab s Full Disk Encryption Technology Kaspersky Lab s Full Disk Encryption Technology In the US alone, an estimated 12,000 laptops are lost or stolen each week. According to the Ponemon Institute, a laptop is stolen every 53 seconds; more

More information

COS/PSA 412 Computer Forensics and Investigations

COS/PSA 412 Computer Forensics and Investigations COS/PSA 412 Computer Forensics and Investigations Date: November 18, 2003 Division: Natural and Behavioral Sciences Number of Credits: 4 Location: Nadeau 109 Meeting Times: TBD Course Description Computer

More information

Forensics source: Edward Fjellskål, NorCERT, Nasjonal sikkerhetsmyndighet (NSM)

Forensics source: Edward Fjellskål, NorCERT, Nasjonal sikkerhetsmyndighet (NSM) s Unix Definition of : Computer Coherent application of a methodical investigatory techniques to solve crime cases. Forensics source: Edward Fjellskål, NorCERT, Nasjonal sikkerhetsmyndighet (NSM) s Unix

More information

CDFE Certified Digital Forensics Examiner (CFED Replacement)

CDFE Certified Digital Forensics Examiner (CFED Replacement) Course: CDFE Certified Digital Forensics Examiner (CFED Replacement) Description: Price: $3,450.00 Category: Popular Courses Duration: 5 days Schedule: Request Dates Outline: COURSE OVERVIEW Computer Forensics

More information

ENTERPRISE COMPUTER INCIDENT RESPONSE AND FORENSICS TRAINING

ENTERPRISE COMPUTER INCIDENT RESPONSE AND FORENSICS TRAINING ENTERPRISE COMPUTER INCIDENT RESPONSE AND FORENSICS TRAINING MODULE A INTRODUCTION TO COMPUTER FORENSICS AND NVESTIGATIONS A1.0 Explain concepts related to computer forensics. A1.1 This module is measured

More information

Developing Computer Forensics Solutions for Terabyte Investigations

Developing Computer Forensics Solutions for Terabyte Investigations Developing Computer Forensics Solutions for Terabyte Investigations Eric Thompson Corporation Orem, Utah USA www.accessdata.com Overview Computer Forensic Definition, Objectives and Policies History of

More information

CCE Certification Competencies

CCE Certification Competencies CCE Certification Competencies May 10, 2012 Page 1 The Certified Computer Examiner (CCE) has evolved into one of the most desired certifications in the computer forensics industry. The certification is

More information

EnCase 7 - Basic + Intermediate Topics

EnCase 7 - Basic + Intermediate Topics EnCase 7 - Basic + Intermediate Topics Course Objectives This 4 day class is designed to familiarize the student with the many artifacts left behind on Windows based media and how to conduct a forensic

More information

information security and its Describe what drives the need for information security.

information security and its Describe what drives the need for information security. Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.

More information

RE: School of Computer Forensic Investigation, Class 7, Eastern Michigan University

RE: School of Computer Forensic Investigation, Class 7, Eastern Michigan University December 12, 2006 RE: School of Computer Forensic Investigation, Class 7, Eastern Michigan University Dear Applicant Agency: The Center for Regional and National Security are pleased to announce the seventh

More information

Course Title: Computer Forensic Specialist: Data and Image Files

Course Title: Computer Forensic Specialist: Data and Image Files Course Title: Computer Forensic Specialist: Data and Image Files Page 1 of 9 Course Description The Computer Forensic Series by EC-Council provides the knowledge and skills to identify, track, and prosecute

More information

COWLEY COLLEGE & Area Vocational Technical School

COWLEY COLLEGE & Area Vocational Technical School COWLEY COLLEGE & Area Vocational Technical School COURSE PROCEDURE FOR Student Level: This course is open to students on the college level in either the freshman or sophomore year. Prerequisites: Basic

More information

Digital Forensics Tutorials Acquiring an Image with FTK Imager

Digital Forensics Tutorials Acquiring an Image with FTK Imager Digital Forensics Tutorials Acquiring an Image with FTK Imager Explanation Section Digital Forensics Definition The use of scientifically derived and proven methods toward the preservation, collection,

More information

Open Source and Incident Response

Open Source and Incident Response Open Source and Incident Response Joe Lofshult, CISSP, GCIH 1 Agenda Overview Open Source Tools FIRE Demonstration 2 Overview Incident Adverse event that threatens security in computing systems and networks.

More information

MSc Computer Security and Forensics. Examinations for 2009-2010 / Semester 1

MSc Computer Security and Forensics. Examinations for 2009-2010 / Semester 1 MSc Computer Security and Forensics Cohort: MCSF/09B/PT Examinations for 2009-2010 / Semester 1 MODULE: COMPUTER FORENSICS & CYBERCRIME MODULE CODE: SECU5101 Duration: 2 Hours Instructions to Candidates:

More information

What is Digital Forensics?

What is Digital Forensics? DEVELOPING AN UNDERGRADUATE COURSE IN DIGITAL FORENSICS Warren Harrison PSU Center for Information Assurance Portland State University Portland, Oregon 97207 warren@cs.pdx.edu What is Digital Forensics?

More information

CSN08101 Digital Forensics. Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak

CSN08101 Digital Forensics. Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak CSN08101 Digital Forensics Lecture 1A: Introduction to Forensics Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak Digital Forensics You will learn in this module: The principals of computer

More information

Understanding Backup and Recovery Methods. Lesson 8

Understanding Backup and Recovery Methods. Lesson 8 Understanding Backup and Recovery Methods Lesson 8 Objectives Objective Domain Matrix Technology Skill Objective Domain Description Objective Domain Number Understanding Local, Online, and Automated Understanding

More information

ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE CATALOG DESCRIPTION

ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE CATALOG DESCRIPTION ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE COURSE: Windows 2003 Server COURSE NO: CSI 265 CREDIT HOURS: 3 hours of lecture weekly DEPARTMENT: CATALOG DESCRIPTION CSI 265 Windows 2003

More information

Computer Forensics (3 credit hours)

Computer Forensics (3 credit hours) Syllabus for Fall 2010 Computer Forensics (3 credit hours) COURSE INFORMATION Instructor: Smith Office: A 112-B Phone: 291-4920 Email: aurelia.smith@cv.edu Class Time: TH from 7:00 8:15 p.m. Room: A 112

More information

Computer Forensic Tools. Stefan Hager

Computer Forensic Tools. Stefan Hager Computer Forensic Tools Stefan Hager Overview Important policies for computer forensic tools Typical Workflow for analyzing evidence Categories of Tools Demo SS 2007 Advanced Computer Networks 2 Important

More information

CSI Crime Scene Investigations

CSI Crime Scene Investigations CSI Crime Scene Investigations Did Jack do it? Speaker Introductions Amber Schroader Paraben Corporation Oodles of forensic experience Tyler Cohen Federal Government (Still Cool Person) IPod Obsession

More information

The Role of Digital Forensics within a Corporate Organization

The Role of Digital Forensics within a Corporate Organization May 2006, IBSA Conference, Vienna The Role of Digital Forensics within a Corporate Organization Bruce J. Nikkel IT Investigation & Forensics Risk Control, UBS AG Presentation Summary An overview of digital

More information

Master of Science in Information Systems & Security Management. Courses Descriptions

Master of Science in Information Systems & Security Management. Courses Descriptions Master of Science in Information Systems & Security Management Security Related Courses Courses Descriptions ISSM 530. Information Security. 1 st Semester. Lect. 3, 3 credits. This is an introductory course

More information

(Instructor-led; 3 Days)

(Instructor-led; 3 Days) Information Security Manager: Architecture, Planning, and Governance (Instructor-led; 3 Days) Module I. Information Security Governance A. Introduction to Information Security Governance B. Overview of

More information

TECHNICAL OPERATIONS DIVISION LESSON PLAN

TECHNICAL OPERATIONS DIVISION LESSON PLAN U.S. DEPARTMENT OF HOMELAND SECURITY FEDERAL LAW ENFORCEMENT TRAINING CENTER OFFICE OF TRAINING OPERATIONS TECHNICAL OPERATIONS DIVISION LESSON PLAN FORENSIC HARDWARE 3245 SEP/10 WARNING This document

More information

Guide to Computer Forensics and Investigations, Second Edition

Guide to Computer Forensics and Investigations, Second Edition Guide to Computer Forensics and Investigations, Second Edition Chapter 4 Current Computer Forensics Tools Objectives Understand how to identify needs for computer forensics tools Evaluate the requirements

More information

IS 6363 Computer Forensics Spring 2006

IS 6363 Computer Forensics Spring 2006 Class Information: IS 6363 Computer Forensics Spring 2006 Class Time: 5:30-6:45 p.m. Tue/Thu Class Location: BB 3.03.10 Lab Location & Hours: BB 3.03.10 (Hours as posted. Should mirror APL hours.) Instructor

More information

Computer Forensics Principles and Practices

Computer Forensics Principles and Practices Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 7: Investigating Windows, Linux, and Graphics Files Objectives Conduct efficient and effective investigations of Windows

More information

Introduction to Computer Forensics Course Syllabus Spring 2012

Introduction to Computer Forensics Course Syllabus Spring 2012 Course Information Course Syllabus Spring 2012 Instructor: Dr. Mike Jochen Phone: 570.422.3036 Email: mjochen@esu.edu Office: 337 SCITECH Building Office Hours: Tues/Thurs 11 a.m. noon Weds 9 a.m. noon

More information

Where is computer forensics used?

Where is computer forensics used? What is computer forensics? The preservation, recovery, analysis and reporting of digital artifacts including information stored on computers, storage media (such as a hard disk or CD-ROM), an electronic

More information

CompTIA Security+ In this course, you will implement, monitor, and troubleshoot infrastructure, application, information, and operational security.

CompTIA Security+ In this course, you will implement, monitor, and troubleshoot infrastructure, application, information, and operational security. CompTIA Security+ Duration: 40 Hrs Course Description Overview: CompTIA Security+ (Exam SY0-401) is the primary course you will need to take if your job responsibilities include securing network services,

More information

Digital Forensics. Tom Pigg Executive Director Tennessee CSEC

Digital Forensics. Tom Pigg Executive Director Tennessee CSEC Digital Forensics Tom Pigg Executive Director Tennessee CSEC Definitions Digital forensics Involves obtaining and analyzing digital information as evidence in civil, criminal, or administrative cases Analyze

More information

Monfort College of Business Semester Course Syllabus (2015-2016)

Monfort College of Business Semester Course Syllabus (2015-2016) Monfort College of Business Semester Course Syllabus (2015-2016) COURSE PREFIX/TITLE: BACS 371 Introduction to Computer Forensics Sem. Hrs. 3 Ed. Cap: 40 CATALOG DESCRIPTION: Prerequisite: BACS 300 or

More information

CST 244 Computer Forensics and Investigation Spring, 2010

CST 244 Computer Forensics and Investigation Spring, 2010 CST 244 Computer Forensics and Investigation Spring, 2010 Instructor: Guy Theriault Class Room: 221 Office: Rm 221 Class Hours: Mon thru Fri 8:00 to 10:50 Class Dates: Mar 8 to Apr 16 Office hours: Monday,

More information

CYBER SECURITY SPECIALIZATION. Dr. Andreas Peter Services, Cyber Security, and Safety Group

CYBER SECURITY SPECIALIZATION. Dr. Andreas Peter Services, Cyber Security, and Safety Group 1 CYBER SECURITY SPECIALIZATION Dr. Andreas Peter Services, Cyber Security, and Safety Group 2 CYBER SECURITY Why Cyber Security? Our world increasingly becomes digital and connected Cyber Security is

More information

Computer Security Courses/Programs

Computer Security Courses/Programs Minneapolis, MN. Computer Security Courses/Programs Developed at Metropolitan State University Jigang Liu Department of Information and Computer Sciences College of Arts and Sciences Metropolitan State

More information

I. PREREQUISITES For information regarding prerequisites for this course, please refer to the Academic Course Catalog.

I. PREREQUISITES For information regarding prerequisites for this course, please refer to the Academic Course Catalog. Note: Course content may be changed, term to term, without notice. The information below is provided as a guide for course selection and is not binding in any form, and should not be used to purchase course

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information

EC-Council Ethical Hacking and Countermeasures

EC-Council Ethical Hacking and Countermeasures EC-Council Ethical Hacking and Countermeasures Description This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

LINUX / INFORMATION SECURITY

LINUX / INFORMATION SECURITY LINUX / INFORMATION SECURITY CERTIFICATE IN LINUX SYSTEM ADMINISTRATION The Linux open source operating system offers a wide range of graphical and command line tools that can be used to implement a high-performance,

More information

e-discovery Forensics Incident Response

e-discovery Forensics Incident Response e-discovery Forensics Incident Response NetSecurity Corporation 21351 Gentry Drive Suite 230 Dulles, VA 20166 VA DCJS # 11-5605 Phone: 703.444.9009 Toll Free: 1.866.664.6986 Web: www.netsecurity.com Email:

More information

DIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE. Vahidin Đaltur, Kemal Hajdarević,

DIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE. Vahidin Đaltur, Kemal Hajdarević, DIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE Vahidin Đaltur, Kemal Hajdarević, Internacional Burch University, Faculty of Information Technlogy 71000 Sarajevo, Bosnia

More information

Criminal Justice: Law Enforcement Technology

Criminal Justice: Law Enforcement Technology Criminal Justice: Law Enforcement Technology Dr. Kamal Shahrabi, Acting Chair Security Systems & Law Enforcement Technology Dept. Bachelor of Science The Bachelor of Science program in Criminal Justice:

More information

Digital Forensic. A newsletter for IT Professionals. I. Background of Digital Forensic. Definition of Digital Forensic

Digital Forensic. A newsletter for IT Professionals. I. Background of Digital Forensic. Definition of Digital Forensic I Digital Forensic A newsletter for IT Professionals Education Sector Updates Issue 10 I. Background of Digital Forensic Definition of Digital Forensic Digital forensic involves the collection and analysis

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

Network Enabled Digital Forensics. Presented by: Ben Kingston, EnCE, MCSE, A+ FDR Forensic Data Recovery Inc.

Network Enabled Digital Forensics. Presented by: Ben Kingston, EnCE, MCSE, A+ FDR Forensic Data Recovery Inc. Network Enabled Digital Forensics Presented by: Ben Kingston, EnCE, MCSE, A+ FDR Forensic Data Recovery Inc. About the Presenter Founding member of FDR in 2001 Responsible for the implementation of FDR

More information

REGULATIONS ON STUDENT EVALUATION AND ASSESSMENT AT THE FACULTY OF CIVIL ENGINEERING, UNIVERSITY OF RIJEKA CONSOLIDATED TEXT

REGULATIONS ON STUDENT EVALUATION AND ASSESSMENT AT THE FACULTY OF CIVIL ENGINEERING, UNIVERSITY OF RIJEKA CONSOLIDATED TEXT On September 28 th 2012 the Faculty of Civil Engineering, University of Rijeka introduced the consolidated text of the Regulations on Student Evaluation and Assessment at the Faculty of Civil Engineering,

More information

https://agency.governmentjobs.com/dakota/job_bulletin.cfm?jobid=1017820

https://agency.governmentjobs.com/dakota/job_bulletin.cfm?jobid=1017820 Page 1 of 5 DAKOTA COUNTY Employee Relations Administration Center, 1590 Highway 55 Hastings, MN 55033-2372 651.438.4435 http://www.dakotacounty.us INVITES APPLICATIONS FOR THE POSITION OF: Electronic

More information

Digital Forensics Lecture 3. Hard Disk Drive (HDD) Media Forensics

Digital Forensics Lecture 3. Hard Disk Drive (HDD) Media Forensics Digital Forensics Lecture 3 Hard Disk Drive (HDD) Media Forensics Current, Relevant Topics defendants should not use disk-cleaning utilities to wipe portions of their hard drives before turning them over

More information

Days at Location: TUWTH

Days at Location: TUWTH Semester: Fall 2014 Instructor: Gerald Miller Class Info: ITN276-F01 (51919) Phone: (540) 891-3038 Location/Room: FAC2 Room 232 Office Location: FAC2 Room 221 Class Name: Computer Forensics I Days at Location:

More information

Reading Materials: Required Text Book: Marjie T. Britz (2009). COMPUTER FORENSICS AND CYBER CRIME; ISBN-13: 978-0-13-135205-6; 2 nd

Reading Materials: Required Text Book: Marjie T. Britz (2009). COMPUTER FORENSICS AND CYBER CRIME; ISBN-13: 978-0-13-135205-6; 2 nd New Jersey Institute of Technology (NJIT) IS682-101: Computer forensics I Fall, 2013 Instructor: Dr. Charles Pak Email: charlespak@verizon.net Email is the best way to contact me. Here is my cell number

More information

Case Study: Hiring a licensed Security Provider

Case Study: Hiring a licensed Security Provider Case Study: Hiring a licensed Security Provider Company Profile McCann Investigations is a full service private investigation firm providing complete case solutions by employing cutting-edge computer forensics

More information

Managing Applications, Services, Folders, and Libraries

Managing Applications, Services, Folders, and Libraries Lesson 4 Managing Applications, Services, Folders, and Libraries Learning Objectives Students will learn to: Understand Local versus Network Applications Remove or Uninstall an Application Understand Group

More information

2013 Boston Ediscovery Summit. Computer Forensics for the Legal Issue-Spotter

2013 Boston Ediscovery Summit. Computer Forensics for the Legal Issue-Spotter 2013 Boston Ediscovery Summit Computer Forensics for the Legal Issue-Spotter 2006-2013 James Berriman CEO, Evidox Corporation A Preliminary Comment Issue spotting applies to the practice of ediscovery

More information

Overview of Computer Forensics

Overview of Computer Forensics Overview of Computer Forensics Don Mason, Associate Director National Center for Justice and the Rule of Law University of Mississippi School of Law [These materials are based on 4.3.1-4.3.3 in the National

More information

The Proper Acquisition, Preservation, & Analysis of Computer Evidence: Guidelines & Best-Practices

The Proper Acquisition, Preservation, & Analysis of Computer Evidence: Guidelines & Best-Practices The Proper Acquisition, Preservation, & Analysis of Computer Evidence: Guidelines & Best-Practices Introduction As organizations rely more heavily on technology-based methods of communication, many corporations

More information

MSc Studies in Computing

MSc Studies in Computing MSc Studies in Computing presented by Department of Computing www.surrey.ac.uk/computing Why University of Surrey? Campus based university everything is in one place study and live on beautiful campus

More information

Incident Response and Computer Forensics

Incident Response and Computer Forensics Incident Response and Computer Forensics James L. Antonakos WhiteHat Forensics Incident Response Topics Why does an organization need a CSIRT? Who s on the team? Initial Steps Detailed Project Plan Incident

More information

Quick Start Guide. Version R91. English

Quick Start Guide. Version R91. English Using StorageCraft Recovery Environment Quick Start Guide Version R91 English May 20, 2015 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s

More information

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160 VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The

More information

Acer erecovery Management

Acer erecovery Management 1 Acer erecovery Management Developed by Acer's software team, Acer erecovery Management is a tool that provides you with an easy, reliable and safe means of restoring your computer to its factory default

More information

COMPUTER FORENSICS (EFFECTIVE 2013-14) ACTIVITY/COURSE CODE: 5374 (COURSE WILL BE LISTED IN THE 2013-14 CATE STUDENT REPORTING PROCEDURES MANUAL)

COMPUTER FORENSICS (EFFECTIVE 2013-14) ACTIVITY/COURSE CODE: 5374 (COURSE WILL BE LISTED IN THE 2013-14 CATE STUDENT REPORTING PROCEDURES MANUAL) COMPUTER FORENSICS (EFFECTIVE 2013-14) ACTIVITY/COURSE CODE: 5374 (COURSE WILL BE LISTED IN THE 2013-14 CATE STUDENT REPORTING PROCEDURES MANUAL) COURSE DESCRIPTION: Computer Forensics is focused on teaching

More information

CONCEPT MAPPING FOR DIGITAL FORENSIC INVESTIGATIONS

CONCEPT MAPPING FOR DIGITAL FORENSIC INVESTIGATIONS Chapter 22 CONCEPT MAPPING FOR DIGITAL FORENSIC INVESTIGATIONS April Tanner and David Dampier Abstract Research in digital forensics has yet to focus on modeling case domain information involved in investigations.

More information

Affordable Excellence! School of Health Sciences Psychology. www.nup.ac.cy

Affordable Excellence! School of Health Sciences Psychology. www.nup.ac.cy Affordable Excellence! School of Health Sciences Psychology www.nup.ac.cy UNDERGRADUATE PROGRAMME BSc in Psychology Programme Description The Bachelor of Science in Psychology Programme aims to provide

More information

Criminal Justice Courses

Criminal Justice Courses Criminal Justice Courses Correction Administration - Option Associate in Science (A.S. ) Degree - CJC.AS Semester I ENG 121 English Composition I A passing score on the college s placement test or a grade

More information

A Practical Approach for Evidence Gathering in Windows Environment

A Practical Approach for Evidence Gathering in Windows Environment A Practical Approach for Evidence Gathering in Windows Environment Kaveesh Dashora Department of Computer Science & Engineering Maulana Azad National Institute of Technology Bhopal, India Deepak Singh

More information

Digital Forensic Tool for Decision Making in Computer Security Domain

Digital Forensic Tool for Decision Making in Computer Security Domain Digital Forensic Tool for Decision Making in Computer Security Domain S. K. Khode 1,V. N. Pahune 2 and M. R. Sayankar 3 1, 2, 3 Computer Engineering Department of Bapurao Deshmukh College of Engineering,

More information

Course overview. CompTIA A+ Certification (Exam 220 902) Official Study Guide (G188eng verdraft)

Course overview. CompTIA A+ Certification (Exam 220 902) Official Study Guide (G188eng verdraft) Overview This 5-day course is intended for those wishing to qualify with. A+ is a foundation-level certification designed for IT professionals with around 1 year's experience whose job role is focused

More information

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160 VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The

More information

Digital Forensics. Larry Daniel

Digital Forensics. Larry Daniel Digital Forensics Larry Daniel Introduction A recent research report from The Yankee Group found that 67.6 percent of US households in 2002 contained at least one PC The investigators foresee three-quarters

More information

Impact of Digital Forensics Training on Computer Incident Response Techniques

Impact of Digital Forensics Training on Computer Incident Response Techniques Impact of Digital Forensics Training on Computer Incident Response Techniques Valorie J. King, PhD Collegiate Associate Professor University of Maryland University College Presentation to AFCEA June 25,

More information

Spring 2014. Department of Marketing & Information Systems Richard J. Wehle School of Business Canisius College

Spring 2014. Department of Marketing & Information Systems Richard J. Wehle School of Business Canisius College Department of Marketing & Information Systems Richard J. Wehle School of Business Canisius College Spring 2014 MSF 704, MBA 602, ISB 460 Computer Forensics Syllabus PROFESSOR: Dr. L. Volonino, CISSP, ACFE

More information

Hands-On How-To Computer Forensics Training

Hands-On How-To Computer Forensics Training j8fm6pmlnqq3ghdgoucsm/ach5zvkzett7guroaqtgzbz8+t+8d2w538ke3c7t 02jjdklhaMFCQHihQAECwMCAQIZAQAKCRDafWsAOnHzRmAeAJ9yABw8v2fGxaq skeu29sdxrpb25zidxpbmznogtheories...ofhilz9e1xthvqxbb0gknrc1ng OKLbRXF/j5jJQPxXaNUu/It1TQHSiyEumrHNsnn65aUMPnrbVOVJ8hV8NQvsUE

More information

Computer Forensics and Security Management (MSCFSM)

Computer Forensics and Security Management (MSCFSM) Computer Forensics and Security Management (MSCFSM) View PDF of Computer Forensics and Security Management Admissions Checklist Prospective students should use this checklist to obtain specific admissions

More information

Design and Implementation of Digital Forensics Labs:

Design and Implementation of Digital Forensics Labs: Design and Implementation of Digital Forensics Labs: A Case Study for Teaching Digital Forensics to Undergraduate Students Hongmei Chi, Christy Chatmon, Edward Jones, and Deidre Evans Computer and Information

More information

Security+ P a g e 1 of 5. 5-Day Instructor Led Course

Security+ P a g e 1 of 5. 5-Day Instructor Led Course P a g e 1 of 5 Security+ 5-Day Instructor Led Course Overview This course is the primary course you will need to take if your job responsibilities include securing network services, devices, and traffic

More information

Defining Digital Forensic Examination and Analysis Tools Using Abstraction Layers

Defining Digital Forensic Examination and Analysis Tools Using Abstraction Layers Defining Digital Forensic Examination and Analysis Tools Using Abstraction Layers Brian Carrier Research Scientist @stake Abstract This paper uses the theory of abstraction layers to describe the purpose

More information

QUICK RECOVERY FOR RAID

QUICK RECOVERY FOR RAID Quick Recovery for RAID Features File Systems Supported Who suffers most Recovery Modes De-Stripper File Recovery Frequently Asked Questions QUICK RECOVERY FOR RAID Quick Recovery for RAID 0, RAID 5. Quick

More information

Course outline. Code: ENG706 Title: Planning for Project Management

Course outline. Code: ENG706 Title: Planning for Project Management Course outline Code: ENG706 Title: Planning for Project Management Faculty of: Science, Health, Education and Engineering Teaching Session: Semester 2 Year: 2015 Course Coordinator: John Yeaman Email:

More information

Computer Hacking Forensic Investigator v8

Computer Hacking Forensic Investigator v8 CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! Computer Hacking Forensic Investigator v8 Course Description: EC-Council releases the most advanced Computer

More information

Digital Forensics, ediscovery and Electronic Evidence

Digital Forensics, ediscovery and Electronic Evidence Digital Forensics, ediscovery and Electronic Evidence By Digital Forensics What Is It? Forensics is the use of science and technology to investigate and establish facts in a court of law. Digital forensics

More information

ISO IEC 27002 2005 (17799 2005) TRANSLATED INTO PLAIN ENGLISH

ISO IEC 27002 2005 (17799 2005) TRANSLATED INTO PLAIN ENGLISH 13.1 REPORT INFORMATION SECURITY EVENTS AND WEAKNESSES 1 GOAL Make sure that information system security incidents are promptly reported. 2 GOAL Make sure that information system security events and weaknesses

More information

Criminal Justice - Law Enforcement

Criminal Justice - Law Enforcement Criminal Justice - Law Enforcement Dr. Charles Adair, Acting Chair Criminal Justice Department adaircn@farmingdale.edu 631-420-2692 School of Arts & Sciences Associate in Science Degree The goal of this

More information

Information Security Specialist Training on the Basis of ISO/IEC 27002

Information Security Specialist Training on the Basis of ISO/IEC 27002 Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu

More information

Computer Forensics US-CERT

Computer Forensics US-CERT Computer Forensics US-CERT Overview This paper will discuss the need for computer forensics to be practiced in an effective and legal way, outline basic technical issues, and point to references for further

More information

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security Security+ Supported Labs - V1 Lab 1 Network Devices and Technologies - Capturing Network Using tcpdump to Capture Network with Wireshark with Network Miner 2 Secure Network Administration Principles -

More information

Table of Contents. Introduction. Audience. At Course Completion

Table of Contents. Introduction. Audience. At Course Completion Table of Contents Introduction Audience At Course Completion Prerequisites Certified Professional Exams Student Materials Course Outline Introduction This four-day, instructor-led course provides students

More information

User Manual. Copyright Rogev LTD

User Manual. Copyright Rogev LTD User Manual Copyright Rogev LTD Introduction Thank you for choosing FIXER1. This User's Guide is provided to you to familiar yourself with the program. You can find a complete list of all the program's

More information

Open Source Security Tools for Information Technology Professionals

Open Source Security Tools for Information Technology Professionals Open Source Security Tools for Information Technology Professionals CUNY SPS Course Syllabus Aron Trauring May 23, 2005 (rev October 21, 2005) Course Description Information security is a top priority

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

Community College of Philadelphia Department of Biology Forensic Biology - 104 2014 Syllabus

Community College of Philadelphia Department of Biology Forensic Biology - 104 2014 Syllabus Community College of Philadelphia Department of Biology Forensic Biology - 104 2014 Syllabus Course Reference Number (CRN): 17546 Course: BIOL 104 Section: 001 Credits: 4 Schedule: Class M 1:00pm 2:30pm

More information

Security and Computer Forensics ITP 477 (4 Units)

Security and Computer Forensics ITP 477 (4 Units) Security and Computer Forensics ITP 477 (4 Units) Description Objective Prerequisites/ Recommended Preparation Instructor Contacting the Instructor Lecture/Lab Required Textbooks Web Site Grading In 2007,

More information

Digital Forensics Fundamentals

Digital Forensics Fundamentals Digital Forensics Fundamentals 1 P a g e Table of Contents 1. Overview of Digital Forensics... 3 2. Evaluation of Digital forensic tools... 5 2.1 Encase Digital forensic tool... 5 2.1.1 Benefits with Encase

More information