ITSY-2343 Computer System Forensics

Philip Cupina

Credit Fall 2024

Section(s)

ITSY-2343-001 (91221)
LEC TuTh 1:00pm - 2:20pm DIL DLS DIL

LAB TuTh 2:20pm - 2:45pm DIL DLS DIL

Course Requirements

This is a synchronous online course where you will need to meet each class at the online link above. In-depth study of system forensics including methodologies used for analysis of computer security breaches. Gather and evaluate evidence to perform postmortem analysis of a security breach. This course will progress through what a typical computer forensics analyst performs during an investigation. We will be covering hardware, files systems, advanced EnCase concepts, file signature and hash analysis

Readings

EnCE The Official EnCase Certified Examiner study guide  3rd Edition. Steve Bunting, EnCE, CCFT.   ISBN- 978-0-470-90106-9

Course Subjects

This course will have 75% lecture and 25% laboratory. 

The CIS open labs are available for students for work outside of scheduled lab time. 

Student Learning Outcomes/Learning Objectives

  1. Understand computer boot process, mechanics of FAT and NTFS file systems, and disk partitions
  2. Describe first response actions
  3. Acquire digital evidence
  4. Comprehend EnCase operation and use it for forensics purposes
  5. Describe advanced EnCase features
  6. Perform data searches and bookmarking
  7. Perform signature analysis and hash analysis
  8. List, describe, and access Windows artifacts
  9. Create reports

Schedule

ITSY 2343 Schedule
Dates are subject to change
The Instructor Reserves the Right to Make Schedule Changes

Week 1

Aug 27, 29

Introduction to the course
Explanation and Discussion of Syllabus

Fill out Computer Studies Student Information Form, Install EnCase

Lecture chapter 1 Computer Hardware, Quiz

Read Chapter 1,2
 

Week 2

Sept 3, 5

Cont. Chapter 1, Chapter 2 File Systems, Quiz

 

Lab #1

Read Chapter 3

Turn in Chapter 1 Homework

 

Week 3

Sept 10, 12

Lecture:  Cont. Chapter 2 File Systems,  Chapter 3 First Response, Quiz

 

Lab #2

Read Chapter 4

Turn in Chapter 2 Homework

 

Week 4

Sept 17, 19

Lecture:  Chapter  4: Acquiring Digital Evidence, Quiz

Lab # 3

Read Chapter 5

Turn in Chapter 3 Homework

 

Week 5

Sept 24, 26

Lab #4, and make up of previous labs.

Review for Exam #1 Chapters 1-4

Read Chapter 5

Turn in Chapter 4 Homework

 

Week 6

Oct 1, 3

Exam #1 Chapters 1-4 (Tuesday)

Lab #5

Review Chap 1-4

Turn in all labs

Read Chapter 5

Week 7

Oct 8, 10

Review of Exam #1

Lecture: Chapter 5  EnCase Concepts, Quiz

Read Chapter 6

Week 8

Oct 15, 17

Lecture: Chapter 6 EnCase Environment, Quiz

Lab #6

Read Chapter 7

Turn in Chapter 5 Homework

 

Week 9

Oct 22, 24

Lecture: Corporate crimes  Environment, Quiz

Lab #7

Read Chapter 7

 Turn in Chapter 7 Homework

 

 

Week 10

Oct 29, 31

Lecture: Chapter 7 Understanding, Searching For, and Bookmarking Data, Quiz

Lab #8

Read Chapter 7

 Turn in Chapter 7 Homework

 

Week 11

Nov 5, 7

Tuesday Finish up all labs for this segment

Review for Exam #2 Chap 5-7

 

Review Chap 5-7

Read Chapter 8

 

Week 12

Nov 12, 14

 Exam #2 Chapters 5-7 (Tuesday)

Lecture:  Chapter 8 File Signature Analysis and Hash Analysis, Quiz

Turn in  ALL Labs

Read Chapter 9

Week 13

Nov 19, 21

Chapter 9 Windows Operating System Artifacts, Quiz  Lab #10

Read Chapter 10

Turn in Chapter 8 Homework

Week 14

Nov 26

Lecture: Chapter 10 Advanced EnCase, Quiz

Thanksgiving Holiday (Thursday)

Review for final Exam

 

Week 15

Dec 3, 5

Lecture: Cont. Chapter 10 Advanced EnCase

Finish Lab 10

Review for Exam #3 Chap 8-10

Review for final Exam

 

Week 16

Dec 10, 12

Exam #3 Chapters 8-10 (Tuesday)

Review of Exam

Study for Exam #3

Turn in ALL Labs

 

Office Hours

M W 9:30 AM - 1:00 PM Highland Building 4000 Room 4.1215.06

NOTE

Office Hours

M W 9:30 AM - 1:00 PM Highland Building 4000 Room 4.1215.06

NOTE

Published: 08/27/2024 19:50:38