May 06, 2021  
2019-2020 Catalog 
2019-2020 Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CIT 280 - Computer Forensics 2

Credits: 4
4 Lecture Hours

Prerequisites: CIT 180  and CIT 181  
Co-requisites: CIT 281  

This course provides students the opportunities to apply the fundamentals of the computer forensics to the processing and analysis of real or hypothetical cases. Students obtain substantial hands-on experience in problem-solving and in using computer forensic knowledge and tools to identify, recover, collect, process, analyze, document and present digital evidence in sample cases of computer crimes or incidents. The hands-on experience includes work on file and data recovery in addition to examination and analysis of email and network intrusions.
Learning Outcomes
Upon successful completion of the course, the student will:

  1. Identify legal and business implications of sample cases of computer investigations.
  2. Prepare a plan for public or private investigation of a sample case.
  3. Determine appropriate data acquisition method.
  4. Preserve the integrity of data needed using appropriate forensic tools.
  5. Perform digital forensic analysis on Microsoft file systems.
  6. Solve problems of data-hiding and data access.
  7. Perform network data capture and analysis.
  8. Examine email messages and headers.
  9. Analyze email messages and headers.
  10. Document findings of digital evidence per business and legal procedures.
  11. Present findings of digital evidence per business and legal procedures.
Listed Topics
  1. Review of major laws and regulations regarding information security
  2. Public investigation versus private or corporate investigation
  3. Sample cases of public and private investigation
  4. Features of various computer forensic tools and data recovery procedures
  5. Network sniffing and monitoring tools
  6. Intrusion Detection Systems (IDS) software tools for Windows
  7. Email configurations and data analysis
  8. Legal documentation of digital evidence
  9. Expert witnesses for computer investigations
Reference Materials
Current and appropriate textbook, current and appropriate version(s) of software, multimedia, Internet access and a CCAC web server account for web publishing.
Approved By: Bullock, Quintin Date Approved: 05/15/2014

Course and Section Search

Add to Portfolio (opens a new window)