UNIVERSITY OF CRIMINAL INVESTIGATION AND POLICE STUDIES

UNDERGRADUATE ACADEMIC STUDIES

FORENSIC ENGINEERING

Course:

Digital Forensics

Course Code: 35

ECTS: 7

Course Status:

Elective

Number of Effective Classes (Per Week): 3 + 2

Theoretical Education:

Practical Training:

Special Forms of Training:

3

2

-

Prerequisite/s: None

Educational Objective: The objective of the course is to enable the student to analyze and document the situation on the digital system on which intrusion was executed and to whom the damage was inflicted.

Projected Outcome: The course allows the student to perform a forensic investigation, collect relevant data and produce a document with material for the eventual court process, to design a response procedure at the moment of detection of the attack.

Course Contents/Structure

Theoretical education: Physical nature of magnetic disk, optical discs and semiconductor memory. System overview for file processing and data structure in files. The technique of entry and systemic formatting of data under different systems. Find, analyze, and recover destroyed digital data. Collecting and organizing data relevant to the security incident. Presentation of evidence. Hacking tools. Application of digital tools Forensics. Recovery from the disaster catastrophe drops into the system. Assessing system security to prevent future attacks. Computer records and legal framework.

Practical training: Use of ready hardware-software tools as well as development of specific tools for forensic data analysis, like log files. EnCase, Forensic Toolbox, NProtect, Honeycomb, Windows Recycle Bins, Norton NProtect.

Teaching Methods: lecture, presentation.

Assessment (Maximum Number of Points: 100)

Pre-Exam Obligations

No. of Points

Final Examination

No. of Points

Active participation in classes

5

Written examination

20

Practical training

15

Oral examination

40

Seminary paper

20

 

 

Textbook/s

1. Britz, M. T.: Computer forensics and cyber crime: an introduction, Upper Saddle River: Pearson Prentice Hall, 2004.

2. Stephenson, P.: Investigating computer-related crime, Boca Raton, Fla [etc.]: CRC Press, 2000.

3. Nelson, B.[et al.]: Guide to computer forensics and investigations, Boston: Thomson Course Technology, 2006.

4. Kruse, W.G.; Heiser, J.G.: Computer forensics: incident response essentials, Boston [etc.]:
Addison-Wesley, 2004.

5. Shinder, D.L.: Scene of the cybercrime: computer forensics handbook, Rockland, MA:
Syngress, 2002.