ECCU 502: Investigating Network Intrusions and Computer Forensics

puzzle3Criminals use computers in a lot of ways. Computers can be used to commit a crime, to assist in the commission of a crime, or to store information about a crime. The relatively new field of computer forensics brings together information technology and law enforcement to investigate these hi tech crimes. Evidentiary procedure dictates specific processes for that evidence to recovered and handled when analyzing electronically stored data (See Daubert v. Merrell Dow Pharmaceuticals, 509 U.S. 579 (1993)). Sadly, many of these laws were written before the era of computer forensics as a science came into being. They are often outdated and do not adequately address the issues involved in cyber crime investigation. “FBI technicians gave expert testimony about this impressive but ultimately worthless investigative method in more than 2,500 criminal prosecutions nationwide.” The information in this course will provide that piece to complete the puzzle.

Purpose of Class:
This class is designed to equip students with necessary skills required to identify computer crime; gather and preserve digital evidence by following set of standards and procedures that hold good in the court of law; assist the attorney in legal proceedings to prosecute criminals involved in cases where one/many computers were used as part of the crime.

Course Learning Outcomes:

Students who successfully complete this class will be able to:

  1. Describe computer crime and computer investigation process and develop skills associated to the professional activity helpful in the field of computer forensics and Incident handling
  2. Acquire, extract, and analyze all the relevant digital evidence from computing devices using the most appropriate industry-accepted procedures and techniques to investigate computer crime.
  3. Consider different perspectives of data acquisition and duplication and develop an organizational strategy on investigating and monitoring the logs that holds good in the court of law.
  4. Analyze the structure of file system and hard disk and recover hidden/deleted files or partitions.
  5. Compare various attacks and Internet crimes and use set of procedures accepted by court of law to investigate Internet crimes.
  6. Compare and contrast different forensic tools used in Forensics Investigations.
  7. Identify the ethical and legal implications used in the gathering, preserving, documenting, and dispatching of forensic evidence that holds good in the court of law

Related Courses

ECCU 501

Ethical Hacking & Countermeasures
Read More

ECCU 503

Security Analysis and Vulnerability Assessment
Read More

ECCU 504

Foundations to Organizational Behavior
Read More

ECCU 505

Introduction to Research and Writing for the IT Practitioner
Read More