Important Links

Print this page

Digital Forensics Concentration

Digital forensics is the study of computer security breaches and their consequences. Businesses need to know how the breaches occur and how to properly investigate them so they can implement better security controls in the future. In addition, they will need to understand the consequences of a digital forensics investigation and its potential legal impact. This program is intended to provide both the technical and legal overview of investigating a security breach and how to work with law enforcement to effectively handle the problem.

All students in this concentration must complete the following eight courses:

 

  • 769.424 Encryption and Cryptography

    Understanding the inner detail of security processes can provide for better security systems design and operations. This course examines details of typical security protection measures. Topics include certificate authorities (CA), public key infrastructure, Rivest-Shamir-Adleman (RSA) architectures, data encryption standard, pretty good privacy, steganography, and security standards. (3 credits)

    Prerequisite(s): BU.769.330

    Back to top

     

  • 769.440 Operating Systems and File Structures

    A detailed understanding of operating systems, how they manage systems and handle data is critical to information retrieval and recovery. Various operating systems will be covered in detail, including architectural structure and operations, design philosophies, file manipulation processes, processes and threads, security principles and operational issues. (3 credits)

    Prerequisite(s): BU.769.307 AND BU.769.330

    Back to top

     

  • 769.441 Legal/Ethical Iss In Dig

    This course will explore civil, criminal, and regulatory law and its impact on digital forensics. The course will include: the constitutional amendments that apply to digital forensic data recovery, an introduction to civil law torts, both civil and criminal procedure and the role of the expert at each stage of the process, and an overview of regulatory agencies and how they operate. Since digital data recovery requires a high degree of ethical standards, ethical issues will be highlighted throughout the course. (3 credits)

    Prerequisite(s): BU.769.307 AND BU.769.330

    Back to top

     

  • 769.442 Introduction to Forensic Computing

    This course will introduce the student to the principles and practices of computer forensics. Forensic science principles will be examined, including validation and verification of Standard Operating Procedures, competency and proficiency testing, note taking and report writing. The foundations of criminal and civil law and the judicial system will be reviewed. The student will learn how forensic computing plays an important role in national and information security. (3 credits)

    Prerequisite(s): BU.769.330 AND BU.769.440

    Back to top

     

  • 769.444 Computer Media Forensics

    Understanding the details of how data is stored on magnetic and optical media is critical to its effective recovery. In this course, students will gain an understanding how valuable information can be retrieved from storage devices. They will learn how operating systems, file systems, files and unallocated information can be acquired, examined, analyzed and documented. This will be done using both manual and automated tools. Students will learn to effectively document their findings. (3 credits)

    Prerequisite(s): BU.769.440 AND BU.769.442

    Back to top

     

  • 769.445 Network Forensics

    This course will introduce the student to the collection, examination, and analysis of data on networks. Topics covered are techniques for collecting, reconstructing and analyzing a network packets, spoofing, port scanning, worms and other network vulnerabilities; identification of forensic data locations on a network; deployment of open-source network tools to collect and analyze network traffic; and development of pre-incident network forensic collection plans, including the appropriate collection tools and their location on the network. (3 credits)

    Prerequisite(s): BU.769.311 AND BU.769.442

    Back to top

     

  • 769.447 Intrusion Forensics

    This course brings together the technology components from the previous courses. Students will examine both intrusion and intrusion detection techniques. Case studies will be utilized to develop the student’s understanding of what happens in the “real world” when computer systems are compromised. At the conclusion of this course, the student will be able to efficiently and effectively collect all of the available data in connection with a computer intrusion. They will develop and execute investigation and data collection plans, collect data from a variety of computer and network hardware, conduct appropriate analysis, and write forensic reports. (3 credits)

    Prerequisite(s): BU.769.444 AND BU.769.445

    Back to top

     

  • 769.448 Digital Forensics/Court

    Forensics may require court and legal intervention. This course examines the entire legal and trial process in order to give the student insight into ways of properly collecting important data and assisting the parties and the court. Each class will focus on a different part of the process. Important components such as preparation, grasp of the legal concepts, and understanding the role in court will be the focus. (3 credits)

    Prerequisite(s): BU.769.441 AND BU.769.447

    Back to top

     
Student with notebook