IY2S601 - Digital Forensics (eCrime) 01 Jul 2022 - 31 Aug 2028 | Version 3
Associated Module Information
| Module Code: | IY2S601 | ||
|---|---|---|---|
| Module Title: | Digital Forensics (eCrime) | ||
| Faculty: | Faculty of Computing, Engineering and Science | ||
| Faculty Group: | Cyber Security | ||
| Faculty Sub Group: | Cyber Security | ||
| Module Leader: | Beth Jenkins | ||
| Module Team: | Peter Eden, Christopher Tubb, Mamoun Qasem, Nisha Rawindaran, Rachael Medhurst, Arun Kumar, Richard Ward, Joshua Richards, Emma Derbi, Madhu Khurana, Christopher Manley, Andrew Bellamy, Sharan Johnstone, Chelsea Cooper, Amala Neahamiah, James McCormack, Aaron Wall, Hannah Seale | ||
| First Intended Intake: | SEP 2016 | Final Year of Intake: | 2027 |
| Date Closed: | |||
| Credit Value: | 20 | Credit Level: | 5 |
| Language: | English | ||
| Percentage of Module Taught in Welsh: | 0 | ||
| Equivalent Module: | |||
| HECOS codes: | 100385 - computer forensics | ||
| HECOS Code Weighting: | 100 | ||
Document Version Information
| Version | 3 |
|---|---|
| Valid From | 01 Jul 2022 |
| Valid To | 31 Aug 2028 |
Module Aims
1. To provide knowledge of the tools and techniques associated with computer forensics.
2. To develop the students ability to apply computer forensics principles to a range of problems
Content Summary
Introduction to Digital Forensic Principles and Phases
Computing Professionals and the Law:
- Association of Chief Police Officers Good Practice Guide on Digital Evidence (ACPO):
- Legal and procedural elements that validate and maintain evidential integrity.
Digital Crimes
- Cybercriminal activity
- Threat Actors
Evidential Management
- Understanding and validating the chain of custody from seizure to the court room
- Expert Witness Report Writing
Computer Forensic Tools:
- Device imaging and case creation/validation
- Exhibit identification and analysis.
- Digital forensics analysis tools
- Introduction to password recovery
- Introduction to hiding techniques and forensic recovery
- Data recovery and carving techniques
Learning and Teaching Methods
| Activity Type | Hours |
|---|---|
| Lecture | 24 |
| Tutorial | 24 |
| Independent Study | 80 |
| Directed Study | 72 |
| Total Hours Selected | 200 |
Learning Outcomes
| # | Learning Outcome |
|---|---|
| LO1 | To identify, analyse and extract a wide range of computer forensic artefacts found in common operating systems and file systems. |
| LO2 | To demonstrate the correct usage and the features of a standard forensic analysis tool. |
Module Requisites
N/A
Assessment Criteria
| Assessment Category | Assessment Type | Description | Duration | Word Count | Weight (%) | Best of? | Pass Mark |
|---|---|---|---|---|---|---|---|
| Asynchronous Assessment | Report 1 | A written report that draws on knowledge and material from the module or course. | 0 | 2000 | 50 | No | 40 |
| Asynchronous Assessment | Practical Written Work 1 | A write up of a piece of practical work that has been undertaken. | 0 | 2000 | 50 | No | 40 |
Assessment Matrix
| Assessment Type | Learning Outcomes | ||
|---|---|---|---|
| LO1 | LO2 | ||
| Report 1 | ✔ | ✔ | |
| Practical Written Work 1 | ✔ | ✔ | |