Skip Navigation
 
 

ISSC459 - Digital Forensics: Hard Disc and Operating Systems

Course Details

Course Code: ISSC459 Course ID: 4415 Credit Hours: 3 Level: Undergraduate

This course is designed to expose the student to the process of detecting attacks and collecting evidence in a forensically sound manner with the intent to report crime and prevent future attacks. Learners are introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. The course provides a basic understanding of file systems, hard disks and digital media devices. Boot processes, Windows and Linux Forensics and application of password crackers.





Course Schedule

Registration Dates Course Dates Session Weeks
11/26/18 - 05/03/19 05/06/19 - 06/30/19 Spring 2019 Session I 8 Week session
01/28/19 - 06/28/19 07/01/19 - 08/25/19 Summer 2019 Session B 8 Week session
03/25/19 - 08/30/19 09/02/19 - 10/27/19 Summer 2019 Session D 8 Week session

Current Syllabi

The successful student will fulfill the following learning objectives:

  1. Analyze file systems and hard disks
  2. Examine various types of digital media
  3. Utilize Application password crackers
  4. Explain Windows, Linux, and Macintosh boot processes
  5. Develop basic Windows forensics examination procedures
  6. Prepare advanced Windows forensics examination procedures

The grading will be based on eight weekly assignments, eight weekly Forum postings, six weekly labs, an individual project paper with topic, outline, presentation, and a case study.

  1. There will be eight assignments (3% each) counting a total of 24% of the final grade. The assignments will follow each of the major milestones of the course. These assignments will be problems or questions from the text. They are a combination of Lesson Reviews and Lesson Activities and/or Labs. They are selected to provide the student with information to understand the concepts discussed. Assignments should be prepared in Microsoft Word using the following file naming convention: ISSC459_Week#Assignment_First_Last.doc(x) (where the # is the week number, and first and last are your first and last names resp.) and submit the file in this assignments’ area and uploaded into the student folder by the due date. Any necessary Visio diagrams should be incorporated within the Word document as part of the document.
  2. There will be eight weekly Forum postings you will need to respond to. Answers should be 3-4 paragraphs with a topic sentence that restates the question and supporting sentences using the terms, concepts, and theories from the required readings. Each answer should be a minimum of 400 words (about 8 good sentences). You may attack, support or supplement other students’ answers using the terms, concepts and theories from the required readings. All responses should be a courteous paragraph that contains a topic sentence with good supporting sentences. You may respond multiple times with a continuous discussion with points and counter points. The key requirement is to express your idea and then support your position using the terms, concepts and theories from the required readings to demonstrate to me that you understand the material. The Forum postings will count as 20% (2.5% for each discussion posting) of the final grade.
  3. There will be a project paper (10%) with topic selection (2%), outline (4%), and presentation (6%), and a case study (10%) throughout the session, counting as 32% total of the final grade. Please practice using the same file naming convention established in this class for each of these files.
  4. There will be labs (4% each) a total 24% of the final grade. The labs will be online hands-on labs using the necessary tools required in digital forensics.

All assignments, Forum question responses, and the labs are due by 11:55 Eastern Time Sunday of the week assigned.

Project Paper (Topic, Outline, PowerPoint Presentation, and Paper) Topics:
Week 2: Topic selection due

Week 4: Outline due

Week 6: PowerPoint Presentation due

Week 7: Paper due

Topics: Acceptable topics unless I have already approved one:

  • Corporate Forensics
  • The Boot Process
  • Software Piracy
  • Password Crackers
  • Digital Media Devices
  • File systems
  • Windows Architecture Vs. Mac Architecture
  • Intellectual Property

Details of Project Paper (10%): You must include at least ten references.
Prepare a 10-15 page paper in Microsoft Word (counts as 10% of the final grade) in APA format (see writing expectations in the Policies section) (350 words per page). The paper should be between 3500 to 5300 words excluding the title page content and the references page content. At a minimum include the following:

  • Detailed description of the area researched
  • Technology involved in the area
  • Future trends in the area
  • Example companies involved in the area
  • Regulatory issues surrounding the area
  • Global implications for the area
  • References (minimum of 10)

You may use resources from the APUS Online Library, any library, government library, or any peer-reviewed reference (Wikipedia and any other publicly-reviewed source is not accepted). The paper must be at least 10 pages double-spaced, 1" margin all around, black 12 point font (Times New Roman or Arial) with correct citations of all utilized references/sources, (pictures, graphics, etc... are extra - allowed but extra for the minimum page count). The title page and references are also required but don't count in the minimum page count. A minimum of 10 references are required.

The paper will be subjected to checking against plagiarism. The paper must follow acceptable originality criteria (no more than 15% max total, and 2% per individual source match are allowed).

Save the file using the following file naming convention: ISSC459_Project_First_Last.doc(x) (where first and last are your first and last names resp.) and submit the file in this assignment area

Here are the originality report requirements:

  1. The originality report must be less than 15% match
  2. No single source shall be above 2%
  3. You must submit the originality report with your paper to your AMU classroom

If you don't follow these three requirement instructions you will get a 0 for your project paper assignment. I will give you the chance to rework your papers until an acceptable level of match is achieved.

At the end of the class, if you have not submitted your paper to turnitin.com, I will submit it anyways even after you'd get a 0, to see the level of plagiarism found, if any. If turnitin.com matches more than 40% you will be subject to academic reporting.

Case Study (10%): You are hired by JLA Enterprise to conduct a Digital Media Investigation after it was discovered the Chief Financial Officer was embezzling money from the company’s accounts. Your job is to review all digital media involved in the case to determine if a crime has been committed. Here are some things to consider when explaining what happened during the investigation:

  • Who was involved in the embezzlement?
  • How much money was taken?
  • How can you prove the individual took the money?
  • What programs were used to embezzle the money?
  • When did they start embezzling the money?
  • Were they working with anyone else?

Your submission should be about 3 to 5 pages (not including the title page and the references page) long in APA format with proper citations and references if you are using them. It will be subjected to checking against plagiarism. The final product must follow acceptable originality criteria (no more than 15% max total, and 2% per individual source match are allowed).

Save the file using the following file naming convention: ISSC459_CaseStudy_First_Last.doc(x) (where first and last are your first and last names resp.) and submit the file in this assignment area

NameGrade %
Assignments 20.00 %
Assignment 1 2.50 %
Assignment 2 2.50 %
Assignment 3 2.50 %
Assignment 4 2.50 %
Assignment 5 2.50 %
Assignment 6 2.50 %
Assignment 7 2.50 %
Assignment 8 2.50 %
Forums 20.00 %
Forum 1 2.50 %
Forum 2 2.50 %
Forum 3 2.50 %
Forum 4 2.50 %
Forum 5 2.50 %
Forum 6 2.50 %
Forum 7 2.50 %
Forum 8 2.50 %
Labs 18.00 %
Wk1 Lab 1 3.00 %
Wk2 Lab 2 3.00 %
Wk3 Lab 3 3.00 %
Wk4 Lab 4 3.00 %
Wk6 Lab 5 3.00 %
Wk7 Lab 6 3.00 %
Project Paper Topic 2.00 %
Project Paper Topic 2.00 %
Project Paper Outline 4.00 %
Project Paper Outline 4.00 %
Project Presentation 6.00 %
Project PowerPoint Presentation 6.00 %
Project Paper 10.00 %
Project Paper 10.00 %
Case Study 10.00 %
Case Study 10.00 %
Quizzes 10.00 %
Week 7 and 8 Quiz 2.50 %
Week 5 and 6 Quiz 2.50 %
Week 3 and 4 Quiz 2.50 %
Week 1 and 2 Quiz 2.50 %

Additional Resources

Anson, S., & Bunting, S. (2007). Mastering Windows network forensics and investigation [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=18160

Carvey, H. (2011). Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=41894

Frietas, L. (2011). How to recover data of a Hard Drive for Forensic Investigation. Retrieved from http://blog.luisfreitas.pt/2011/06/22/how-to-recover-data-of-a-hard-drive-for-forensic-investigation/

Reuters. (2012). Aramco Says Cyber attack was Aimed at Production. Retrieved from http://www.nytimes.com/2012/12/10/business/global/saudi-aramco-says-hackers-took-aim-at-its-production.html?_r=0

Rowlingson, R. (2004). A Ten Step Process for Forensic Readiness. Retrieved from http://www.utica.edu/academic/institutes/ecii/publications/articles/A0B13342-B4E0-1F6A-156F501C49CF5F51.pdf

Sammons, J. (2012). The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=44731

Wiles, J., Cardwell, K., & Reyes, A. (2007). The best damn cybercrime and digital forensics book period [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=25452

Selected Bibliography

Computer Forensics: Investigating Hard Disks, File and Operating Systems. (2010). Published by: Cengage Learning. ISBN: 1-4354-8350-2 or 978-1-4354-8350-7

Anson, S., & Bunting, S. (2007). Mastering Windows network forensics and investigation [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=18160

Carvey, H. (2011). Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=41894

Frietas, L. (2011). How to recover data of a Hard Drive for Forensic Investigation. Retrieved from http://blog.luisfreitas.pt/2011/06/22/how-to-recover-data-of-a-hard-drive-for-forensic-investigation/

Reuters. (2012). Aramco Says Cyber attack was Aimed at Production. Retrieved from http://www.nytimes.com/2012/12/10/business/global/saudi-aramco-says-hackers-took-aim-at-its-production.html?_r=0

Rowlingson, R. (2004). A Ten Step Process for Forensic Readiness. Retrieved from http://www.utica.edu/academic/institutes/ecii/publications/articles/A0B13342-B4E0-1F6A-156F501C49CF5F51.pdf

Sammons, J. (2012). The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=44731

Wiles, J., Cardwell, K., & Reyes, A. (2007). The best damn cybercrime and digital forensics book period [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=25452

Book Title:Ethical Hacking and Countermeasures: Secure Network Operating Systems and Infrastructures 2nd Ed (Custom - 4 Chap Added) - the VitalSource e-book is provided inside the classroom
ISBN:9781305883468
Publication Info:VS-Cengage
Author:EC-Council
Unit Cost:$133.84
Electronic ISBN:9781337555876
Electronic Unit Cost:$35.00

Previous Syllabi

Not current for future courses.