Course detail

Digital Forensics (in English)

FIT-DFAaAcad. year: 2021/2022

The course focuses on the role of computer forensics and the methods used in the investigation of computer crimes. The course explains the need for proper investigation and illustrates the process of locating, handling, and processing computer evidence. A detailed explanation of how to efficiently manage a forensics investigation and how to preserve and present evidence is covered.

Language of instruction

English

Number of ECTS credits

5

Mode of study

Not applicable.

Offered to foreign students

Of all faculties

Learning outcomes of the course unit

Student acquaints basic concepts and principles of computer forensics and skills in a computer forensic examination.

Prerequisites

Basic knowledge of operating systems, storage media, networks, and the ability to create simple programs.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

The course consists of lectures and related practical exercises. Practical exercises begin with a brief presentation of the problem. Then students have time to solve a problem in class. For each lab, students are expected to write a report and submit it. Writing and sending a report is a subsequent homework of each laboratory. The deadline for submitting the report is one week.

Assesment methods and criteria linked to learning outcomes

Evaluation of hands-on labs during the course. Final Exam at the end of the course.

Course curriculum

Not applicable.

Work placements

Not applicable.

Aims

The aim is to understand principles of computer forensics and the basic concepts used in a computer forensics examination; introduces techniques required for conducting a forensic analysis of systems and data.

Specification of controlled education, way of implementation and compensation for absences

Controlled activities include the project, hands-on labs, and the final exam. Missed labs can only be replaced if there is a serious obstacle in the study.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

Daren Hayes, Practical Guide to Digital Forensics Investigations, Pearson IT Certification; 2nd edition, 2020. (EN)
Gerard Johansen: Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, Packt Publishing; 2nd edition, 2020 (EN)

Recommended reading

Nipun Jaswal: Hands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools,  Packt Publishing, 2019. (EN)
Bruce Nikkel , Practical Linux Forensics, No Starch Press, 2021 (EN)

Classification of course in study plans

  • Programme IT-MGR-2 Master's

    branch MBI , any year of study, summer semester, elective
    branch MPV , any year of study, summer semester, elective
    branch MGM , any year of study, summer semester, elective

  • Programme IT-MGR-2 Master's

    branch MGMe , any year of study, summer semester, compulsory-optional

  • Programme IT-MGR-2 Master's

    branch MSK , any year of study, summer semester, elective
    branch MIS , any year of study, summer semester, elective
    branch MBS , any year of study, summer semester, elective
    branch MIN , any year of study, summer semester, elective
    branch MMM , any year of study, summer semester, elective

  • Programme MITAI Master's

    specialization NADE , any year of study, summer semester, elective
    specialization NBIO , any year of study, summer semester, elective
    specialization NGRI , any year of study, summer semester, elective
    specialization NNET , any year of study, summer semester, elective
    specialization NVIZ , any year of study, summer semester, elective
    specialization NCPS , any year of study, summer semester, elective
    specialization NSEC , any year of study, summer semester, elective
    specialization NEMB , any year of study, summer semester, elective
    specialization NHPC , any year of study, summer semester, elective
    specialization NISD , any year of study, summer semester, elective
    specialization NIDE , any year of study, summer semester, elective
    specialization NISY , any year of study, summer semester, elective
    specialization NISY do 2020/21 , any year of study, summer semester, elective
    specialization NMAL , any year of study, summer semester, elective
    specialization NMAT , any year of study, summer semester, elective
    specialization NSEN , any year of study, summer semester, elective
    specialization NVER , any year of study, summer semester, elective
    specialization NSPE , any year of study, summer semester, elective

  • Programme IT-MGR-1H Master's

    branch MGH , any year of study, summer semester, recommended

Type of course unit

 

Lecture

26 hours, optionally

Teacher / Lecturer

Syllabus

  1. Introduction to Forensic Investigation
  2. Forensic Data Acquisition
  3. Hands-on Lab: Forensic Data Acquisition and Analysis
  4. Computer Forensic Examination
  5. Hands-on lab: Web Browser Analysis
  6. Network Forensics
  7. Hands-on Lab: Network Forensics using Wireshark
  8. Traffic Tunneling, VPNs, and Covert Channels
  9. Hands-on Lab: Covert Channels Analysis
  10. Malware Forensics
  11. Hands-on Lab: Malware Forensics
  12. Password Recovery
  13. Hands-on Lab: Password Recovery

Laboratory exercise

13 hours, compulsory

Teacher / Lecturer

Syllabus

  1. Forensic Data Acquisition and Analysis
  2. Web Browser Analysis
  3. Network Forensics using Wireshark
  4. Covert Channels Analysis
  5. Malware Forensics
  6. Password Recovery

Project

13 hours, compulsory

Teacher / Lecturer

Syllabus

Performing the investigation of the selected cases. Solving the cases and writing the report.