Digital forensics Unit number: 30 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: D/601/1939.



Similar documents
Information systems in organisations Unit number: 2 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: M/601/1444

Local Area Networking technologies Unit number: 26 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: L/601/1547

Oxford Cambridge and RSA

Networking infrastructure Unit number: 25 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: A/601/1964.

Cambridge TECHNICALS. OCR Level 3 CAMBRIDGE TECHNICAL SPORT F/502/5774 GUIDED LEARNING HOURS: 60

OCR LEVEL 3 CAMBRIDGE TECHNICAL

DIGITAL FORENSICS SPECIALIZATION IN BACHELOR OF SCIENCE IN COMPUTING SCIENCE PROGRAM

Oxford Cambridge and RSA

Discuss the ethical, moral and professional issues relating to computer security, ethical hacking and incident response.

The Basics of Digital Forensics; John Sammons; Syngress, 2011; ISBN-13:

CIS 4203 IT Forensics & Investigations Summer C

Cambridge TECHNICALS. OCR Level 2 CAMBRIDGE TECHNICAL SPORT T/502/5528 GUIDED LEARNING HOURS: 60

Unit 13 Social media and digital marketing

Tuskegee University Department of Computer Science Course No: CSCI 390 (Computer Forensics) Fall MWF 1:00-2:300, BRIM 301

Computer Networks. Credit value: 10 Guided learning hours: 60. Aim and purpose. Unit introduction. Learning outcomes

OCR LEVEL 3 CAMBRIDGE TECHNICAL

EC-Council Ethical Hacking and Countermeasures

Unit 22 Big Data analytics

Masters in Applied Cyber Security Upskilling Existing Employees

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics

OCR LEVEL 3 CAMBRIDGE TECHNICAL

Syllabus: AIT Information Systems Infrastructure Lifecycle Management

Computer Hacking Forensic Investigator v8

Course Design Document. Information Security Management. Version 2.0

DATA RECOVERY SOLUTIONS EXPERT DATA RECOVERY SOLUTIONS FOR ALL DATA LOSS SCENARIOS.

ITM 642: Digital Forensics Sanjay Goel School of Business University at Albany, State University of New York

Qualification Specification

T141 Computer Systems Technician MTCU Code Program Learning Outcomes

STATE OF CYBER SECURITY IN ETHIOPIA

DIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE. Vahidin Đaltur, Kemal Hajdarević,

Computer Forensics Preparation

Marketing for Hospitality

MEDIA OCR LEVEL 2 CAMBRIDGE TECHNICAL. Cambridge TECHNICALS PRINT MEDIA PRODUCTION CERTIFICATE/DIPLOMA IN T/504/0529 LEVEL 2 UNIT 30

Managing Networks. Credit value: 10 Guided learning hours: 60. Aim and purpose. Unit introduction. Learning outcomes

Planning, Organisation and Control of Resources in Construction and the Built Environment

PREPARE YOUR INCIDENT RESPONSE TEAM

St Michael s Primary School. ICT School Policy Data Protection and E Safety

Participate in Business Planning and Improvement in the Land-based Sector

UNIT 1: WORKING AS A TEAM IN HEALTH AND SOCIAL CARE (LEVEL 1)

Digital Industries Apprenticeship: Assessment Plan. Cyber Security Technologist. April 2016

Certified Cyber Security Analyst VS-1160

Level 3 Certificate in Retail Banking Conduct of Business (CertRBCB )

Introduction to Marketing

How To Work For An Aviation Organisation

GEARS Cyber-Security Services

Computer Forensics. Computer Forensics: History, Tools and Outlooks. By John Burns IT Research Paper

Short courses presented by the NWU Programme in Forensic Accountancy

Course Syllabus Revised: Dec. 20, 2011.

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

BUSINESS OCR LEVEL 3 CAMBRIDGE TECHNICAL. Cambridge TECHNICALS BUSINESS PROJECT MANAGEMENT CERTIFICATE/DIPLOMA IN K/502/5459 LEVEL 3 UNIT 18

Short courses presented by the NWU Programme in Forensic Accountancy

Principles of ICT Systems and Data Security

Unit 3 Cyber security

Course Syllabus - IST 454 Computer and Cyber Forensics General Course Information

OCR Level 2 CAMBRIDGE TECHNICAL

Health, Safety and Welfare in Construction and the Built Environment

Principles of Information Assurance Syllabus

Manchester City Council Role Profile. Service Manager (Database Analysis), Grade 9

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Information Systems and Tech (IST)

Qualification Specification

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

Security+ P a g e 1 of 5. 5-Day Instructor Led Course

COURSE OUTLINE Survey of Operating Systems

Network System Design Lesson Objectives

Researching Current Issues in Aviation

Short courses presented by the NWU Programme in Forensic Accountancy

Some 10,000 people are employed in a business role in Swindon and this number is set to rise as demand increases for skilled business people

Quality Handbook. Part A: Governance and award frameworks. Section 3: Postgraduate (taught and research) awards. Section3. Nottingham Trent University

CYBER FORENSICS (W/LAB) Course Syllabus

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Project Planning Using IT

QUALIFICATION HANDBOOK

University of Cambridge: Programme Specifications POST-GRADUATE DIPLOMA IN PROPERTY INVESTMENT

Business Continuity Policy. Version 1.0

PATCH MANAGEMENT POLICY IT-P-016

BUSINESS OCR LEVEL 2 CAMBRIDGE TECHNICAL. Cambridge TECHNICALS VERBAL AND NON-VERBAL COMMUNICATION IN BUSINESS CONTEXTS CERTIFICATE/DIPLOMA IN

Unit 21 Web design and prototyping

University Centre at Blackburn College. Abbreviated Programme Specification Containing Both Core + Supplementary Information

QAA Recognition Scheme for Access to Higher Education. The Access to Higher Education Diploma specification 2013

C HFI C HFI. EC-Council. EC-Council. Computer Hacking Forensic Investigator. Computer. Computer. Hacking Forensic INVESTIGATOR

TEXT: Turvey, B. E. (2008). Criminal Profiling: An introduction to behavioral evidence analysis 3 rd Edition. New York: Elsevier, Inc.

Ernesto F. Rojas CISSP, DFCP, IAM, IEM, DABRI, PSC, MBA

ROYAL HOLLOWAY University of London PROGRAMME SPECIFICATION

C HFI C HFI. EC-Council. EC-Council. Computer Hacking Forensic Investigator. Computer. Computer. Hacking Forensic INVESTIGATOR

Understanding Floristry Marketing Strategies

Information Systems. Credit value: 10 Guided learning hours: 60. Aim and purpose. Unit introduction. Learning outcomes

CSN08101 Digital Forensics. Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Workplace Practices and Procedures in Beauty-related Industries

Transcription:

Unit title: Digital forensics Unit number: 30 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: D/601/1939 UNIT AIM AND PURPOSE To provide learners with an understanding of digital forensics in social and commercial environments. The learner will explore current computer forensic techniques and apply these to an investigation and analyse their findings.

LEARNING OUTCOMES AND ASSESSMENT CRITERIA A pass grade is achieved by meeting all the requirements in the assessment criteria. Learning Outcome (LO) Pass The assessment criteria are the pass requirements for this unit. The Learner will: LO1 Understand the impact of digital forensics on the social and commercial environments The Learner can: 1.1 evaluate current forensic practice 1.2 discuss the potential impact of a forensic investigation 1.3 discuss the impact of motivation, data manipulation and malware LO2 Understand the principles of evidence gathering 2.1 discuss the principles of evidence gathering 2.2 evaluate current evidence gathering practices and assess their impact LO3 Be able to plan and implement digital forensics investigations 3.1 based on a given scenario, plan a digital forensics investigation 3.2 implement a digital forensics investigation 3.3 systematically record each process during investigation LO4 Be able to analyse the outcomes of digital forensics investigations 4.1 present findings of forensics investigation 4.2 critically review and analyse findings

GRADING CRITERIA A merit grade is achieved by meeting all the requirements in the pass criteria and the merit descriptors. A distinction grade is achieved by meeting all the requirements in the pass criteria and the merit descriptors and the distinction descriptors. Merit Criteria (M1, M2, M3) (M1, M2, and M3 are mandatory to achieve a merit grade. Each must be achieved at least once per unit to achieve a merit grade.) Distinction Criteria (D1, D2, D3) (D1, D2, and D3 are mandatory to achieve a distinction grade. Each must be achieved at least once per unit to achieve a distinction grade.) (In order to achieve a distinction grade, all merit criteria must also have been achieved.) MANDATORY TO ACHIEVE A MERIT GRADE M1 Analyse concepts, theories or principles to formulate own responses to situations. M2 Analyse own knowledge, understanding and skills to define areas for development. M3 Exercise autonomy and judgement when implementing established courses of action. MANDATORY TO ACHIEVE A DISTINCTION GRADE D1 Evaluate approaches to develop strategies in response to actual or anticipated situations. D2 Evaluate and apply strategies to develop own knowledge, understanding and skills. D3 Determine, direct and communicate new courses of action.

TEACHING CONTENT The Teaching Content describes what has to be taught to cover all Learning Outcomes. Learners must be able to apply relevant examples to their work although these do not have to be the same as the examples specified. LO1 Understand the impact of digital forensics on the social and commercial environments Digital Threat Social impact Commercial impact Storage devices, operating systems, forensic analysis, how data is stored, networks, hiding techniques Virus, Trojan, worm, spyware, screen recorder, manipulation of customers e.g. loss of confidence, loss of access, financial loss to customers e.g. financial implications, customer confidence, corporate image. LO2 Understand the principles of evidence gathering Tools Evidence Evidence preservation, software applications packages available e.g. EnCase, LinEn, legislation, civil action Legal authorities both international and local, records, system images, interviewing witnesses. LO3 Be able to plan and implement digital forensics investigations Imaging Network Planning Maintain data integrity, range of storage devices, data recovery Topology, network security, hexadecimal, binary and IP addressing, traffic monitoring, intrusion detection, workstation forensics Legal authorities, legal representatives, corporate personnel, record keeping, time line, evidence gathering, best practice for preserving evidence. LO4 Be able to analyse the outcomes of digital forensics investigations Findings Recommendations Evidence, issues, records, impartial information, legal proceedings Amendments to policies and procedures, staff issues, legal implications.

GUIDANCE Delivery guidance It will be beneficial to deliver this unit in a way that uses actual events, industry forecasts or sector specific contexts which offer the learner the opportunity to explore, develop and apply the fundamental principles of the sector or subject area. Typical delivery contexts could include guest speakers and industrial visits. Learners will benefit from being encouraged to exercise autonomy and judgement to analyse case studies, adapt their thinking and reach considered conclusions when evaluating the impact of digital forensics on social and commercial environments. Learners would benefit from being presented with subject/sector-relevant problems from a variety of perspectives, and being given the opportunity to explore them using diverse approaches and schools of thought. For example, industrial visits to see a range of investigations being carried out. Assessment evidence guidance Evidence must be produced to show how a learner has met each of the Learning Outcomes. This evidence could take the form of assignments, project portfolios, presentations or, where appropriate, reflective accounts. Where group work/activities contribute to assessment evidence, the individual contribution from each learner must be clearly identified. All evidence must be available for the visiting moderator to review. Where learners are able to use real situations or observations from work placement, care should be taken to ensure that the record of observation accurately reflects the learner s performance. This should be signed, dated, and included in the evidence. It is best practice to record another individual s perspective of how a practical activity was carried out. Centres may wish to use a witness statement as a record of observation. This should be signed and dated and included in the evidence.

RESOURCES Books Britz, Marjie, Computer Forensics and Cyber Crime: An Introduction, Prentice Hall, 2003, ISBN 9780130907585 Jones, Keith J., Bejtlich, Richard,. Rose, Curtis W., Farmer, Dan., Venema, Wietse., Carrier, Brian., Computer Forensics Library, Addison-Wesley Educational Publishers Inc, 2007, ISBN 9780321525642 Laykin, Erik., Investigative Computer Forensics: The Practical Guide for Lawyers, Accountants, Investigators, and Business Executives, John Wiley & Sons Ltd, 2013, ISBN 9780470932407 Bunting, Steve., EnCase Computer Forensics - The Official EnCE: EnCase Certified Examiner Study Guide, John Wiley & Sons Ltd, 2012, ISBN 9780470901069 Altheide, Cory., Carvey, Harlan., Digital Forensics with Open Source Tools: Using Open Source Platform Tools for Performing Computer Forensics on Target Systems: Windows, Mac, Linux, Unix, Etc. Syngress Media, 2011, ISBN 9781597495868 Solomon, Michael G., Rudolph, K., Tittel, Ed., Broom, Neil., Barrett, Diane., Computer Forensics JumpStart, John Wiley & Sons Ltd, 2011, ISBN 9780470931660 Journals The International Journal of Forensic Computer Science, Print ISSN: 1809-9807 - Online ISSN: 1980-7333 Websites Computer Forensics, Malware Analysis & Digital Investigations www.forensickb.com/

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information