Skip Navigation

ISSC455 - Digital Forensics: Investigation Procedures and Response

Course Details

Course Code: ISSC455 Course ID: 4411 Credit Hours: 3 Level: Undergraduate

This course is an introduction to Computer Forensics Investigation Procedures and Response. It provides a basic understanding of the importance of computer forensics, how to set up a secure lab, the process for forensic investigation including first responder responsibilities, how to handle various incidents and information on the various reports used by computer forensic investigators.

Course Schedule

Registration Dates Course Dates Session Weeks
04/27/20 - 10/02/20 10/05/20 - 11/29/20 Fall 2020 Session B 8 Week session
06/29/20 - 12/04/20 12/07/20 - 01/31/21 Fall 2020 Session D 8 Week session

Current Syllabi

The successful student will fulfill the following learning objectives:

  1. Analyze the role of computer forensics in today’s world.
  2. Examine common incident response procedures.
  3. Apply basic computer investigation processes.
  4. Explain the components that make a good computer forensics lab.
  5. Develop first responder procedures.
  6. Prepare investigative reports.

The grading will be based on eight weekly assignments, eight weekly Forum postings, six weekly labs, an individual project paper with topic, outline, presentation, and a case study.

  1. There will be eight assignments (3% each) counting a total of 24% of the final grade. The assignments will follow each of the major milestones of the course. These assignments will be problems or questions from the text. They are a combination of Lesson Reviews and Lesson Activities and/or Labs. They are selected to provide the student with information to understand the concepts discussed. Assignments should be prepared in Microsoft Word using the following file naming convention: ISSC455_Week#Assignment_First_Last.doc(x) (where the # is the week number, and first and last are your first and last names resp.) and submit the file in this assignments’ area and uploaded into the student folder by the due date. Any necessary Visio diagrams should be incorporated within the Word document as part of the document.
  2. There will be eight weekly Forum postings you will need to respond to. Answers should be 3-­‐4 paragraphs with a topic sentence that restates the question and supporting sentence using the terms, concepts, and theories from the required readings. Each answer should be a minimum of 400 words (about 8 good sentences). You may attack, support or supplement other students’ answers using the terms, concepts and theories from the required readings. All responses should be a courteous paragraph that contains a topic sentence with good supporting sentences. You may respond multiple times with a continuous discussion with points and counter points. The key requirement is to express your idea and then support your position using the terms, concepts and theories from the required readings to demonstrate to me that you understand the material. The Forum postings will count as 20% (2.5% for each discussion posting) of the final grade.
  3. There will be a project paper (10%) with topic selection (2%), outline (4%), and presentation (6%), and a case study (10%) throughout the session, counting as 32% total of the final grade. Please practice using the same file naming convention established in this class for each of these files.
  4. There will be labs (4% each) a total 24% of the final grade. The labs will be online hands-­‐on labs using the necessary tools required in digital forensics.

All assignments, Forum question responses, and the labs are due by 11:55 Eastern Time Sundayof the week assigned.

Project Paper (Topic, Outline, PowerPoint Presentation, and Paper) Topics:

Week 2: Topic selection due Week 4: Outline due

Week 6: PowerPoint Presentation due Week 7: Paper due

Topics: Acceptable topics unless I have already approved one:

  1. Computer Forensics
  2. Incident Response
  3. Incident Response Team Structure and Plan
  4. Computer Investigation Process
  5. Computer Investigation Reports
  6. Incident Handling

Details of Project Paper (10%): You must include at least ten references.

Prepare a 10-­‐15 page paper in Microsoft Word (counts as 10% of the final grade) in APA format (see writing expectations in the Policies section) (350 words per page). The paper should be between 3500 to 5300 words excluding the title page content and the references page content. At a minimum include the following:

  1. Detailed description of the area researched
  2. Technology involved in the area
  3. Future trends in the area
  4. Example companies involved in the area
  5. Regulatory issues surrounding the area
  6. Global implications for the area
  7. References (minimum of 10)

You may use resources from the APUS Online Library, any library, government library, or any peer-­‐reviewed reference (Wikipedia and any other publicly-­‐reviewed source is not accepted). The paper must be at least 10 pages double-­‐spaced, 1" margin all around, black 12 point font (Times New Roman or Arial) with correct citations of all utilized references/sources, (pictures, graphics, etc... are extra -­‐ allowed but extra for the minimum page count). The title page and references are also required but don't count in the minimum page count. A minimum of 10 references are required.

The paper will be subjected to checking against plagiarism. The paper must follow acceptable originality criteria (no more than 15% max total, and 2% per individual source match are allowed).

Save the file using the following file naming convention: ISSC455_Project_First_Last.doc(x) (where first and last are your first and last names resp.) and submit the file in this assignment area

Here are the originality report requirements:

  1. The originality report must be less than 15% match
  2. No single source shall be above 2%
  3. You must submit the originality report with your paper to your AMU classroom

If you don't follow these three requirement instructions you will get a 0 for your project paper assignment. I will give you the chance to rework your papers until an acceptable level of match is achieved.

At the end of the class, if you have not submitted your paper to, I will submit it anyways even after you'd get a 0, to see the level of plagiarism found, if any. If

matches more than 40% you will be subject to academic reporting.

Case Study (10%): You are hired by JLA Enterprise to create the layout of their computer forensics laboratory. The goal is to design a computer forensic lab that will contain 5 computers that are networked to a server to store all case data. Here are some things to consider when explaining the design of the Forensics lab:

  1. What is the layout of the room?
  2. What type of hardware and software will be used?
  3. What type of server will house the forensic case data?
  4. What type of data can be processed on the computers?

Your submission should be about 3 to 5 pages (not including the title page and the references page) long in APA format with proper citations and references if you are using them. It will be subjected to checking against plagiarism. The final product must follow acceptable originality criteria (no more than 15% max total, and 2% per individual source match are allowed).

Save the file using the following file naming convention: ISSC455_CaseStudy_First_Last.doc(x) (where first and last are your first and last names resp.) and submit the file in this assignment area

NameGrade %
Assignments 20.00 %
Assignment 1 2.50 %
Assignment 2 2.50 %
Assignment 3 2.50 %
Assignment 4 2.50 %
Assignment 5 2.50 %
Assignment 6 2.50 %
Assignment 7 2.50 %
Assignment 8 2.50 %
Forums 20.00 %
Forum 1 2.50 %
Forum 2 2.50 %
Forum 3 2.50 %
Forum 4 2.50 %
Forum 5 2.50 %
Forum 6 2.50 %
Forum 7 2.50 %
Forum 8 2.50 %
Labs 18.00 %
Wk2 Lab 1 3.00 %
Wk6 Lab 5 3.00 %
Wk3 Lab 2 3.00 %
Wk4 Lab 3 3.00 %
Wk5 Lab 4 3.00 %
Wk7 Lab 6 3.00 %
Project Paper Topic 2.00 %
Wk2 Project Paper Topic 2.00 %
Project Paper Outline 4.00 %
Wk4 Project Paper Outline 4.00 %
Project Powerpoint 6.00 %
Wk6 Project PowerPoint Presentation 6.00 %
Project Paper 10.00 %
Wk7 Project Paper 10.00 %
Case Study 10.00 %
Wk8 Case Study 10.00 %
Quizzes 10.00 %
Week 1 and 2 Quiz 2.50 %
Week 3 and 4 Quiz 2.50 %
Week 5 and 6 Quiz 2.50 %
Week 7 and 8 Quiz 2.50 %

Additional Resources

Gupta, U. (2011). Incident Response: 5 Critical Skills. Retrieved from­‐response-­‐5-­‐critical-­‐skills-­‐a-­‐4214/op-­‐1

Mohay, G. M., Anderson, A., Collie, B., McKemmish, R. D., & de Vel, O. (2003). Computer and Intrusion Forensics [electronic resource]. Retrieved from

Sammons, J. (2012). The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics [electronic resource]. Retrieved from

Schroader, A., & Cohen, T. (2007). Alternate data storage forensics [electronic resource]. Retrieved from

TaoSecurity. (2009). Speaking of Incident Response. Retrieved from­‐of-­‐incident-­‐response.html

Wiles, J., Cardwell, K., & Reyes, A. (2007). The best damn cybercrime and digital forensics book period [electronic resource]. Retrieved from

Wright, T. (2001). How to Design a Useful Incident Response Policy. Retrieved from­‐design-­‐useful-­‐incident-­‐response-­‐ policy

Book Title:Practical Cyber Forensics: An Incident-Based Approach to Forensic Investigations - e-book available in the APUS Online Library
Publication Info:Apress
Author:Reddy, Niranjan
Unit Cost:$32.99
Book Title:Digital Forensics Basics: A Practical Guide Using Windows OS - e-book available in the APUS Online Library
Publication Info:Apress
Author:Hassan, Nihad
Unit Cost:$39.99

Previous Syllabi

Not current for future courses.