May 06, 2021
CIT 280 - Computer Forensics 2
4 Lecture Hours
Prerequisites: CIT 180 and CIT 181
Co-requisites: CIT 281
This course provides students the opportunities to apply the fundamentals of the computer forensics to the processing and analysis of real or hypothetical cases. Students obtain substantial hands-on experience in problem-solving and in using computer forensic knowledge and tools to identify, recover, collect, process, analyze, document and present digital evidence in sample cases of computer crimes or incidents. The hands-on experience includes work on file and data recovery in addition to examination and analysis of email and network intrusions.
Upon successful completion of the course, the student will:
- Identify legal and business implications of sample cases of computer investigations.
- Prepare a plan for public or private investigation of a sample case.
- Determine appropriate data acquisition method.
- Preserve the integrity of data needed using appropriate forensic tools.
- Perform digital forensic analysis on Microsoft file systems.
- Solve problems of data-hiding and data access.
- Perform network data capture and analysis.
- Examine email messages and headers.
- Analyze email messages and headers.
- Document findings of digital evidence per business and legal procedures.
- Present findings of digital evidence per business and legal procedures.
- Review of major laws and regulations regarding information security
- Public investigation versus private or corporate investigation
- Sample cases of public and private investigation
- Features of various computer forensic tools and data recovery procedures
- Network sniffing and monitoring tools
- Intrusion Detection Systems (IDS) software tools for Windows
- Email configurations and data analysis
- Legal documentation of digital evidence
- Expert witnesses for computer investigations
Current and appropriate textbook, current and appropriate version(s) of software, multimedia, Internet access and a CCAC web server account for web publishing.
Approved By: Bullock, Quintin Date Approved: 05/15/2014
Course and Section Search
Add to Portfolio (opens a new window)