IY2S555 - Post Incident Analysis 01 Sep 2024 - 31 Aug 2029 | Version 1
Associated Module Information
| Module Code: | IY2S555 | ||
|---|---|---|---|
| Module Title: | Post Incident Analysis | ||
| Faculty: | Faculty of Computing, Engineering and Science | ||
| Faculty Group: | Computing and Mathematics | ||
| Faculty Sub Group: | Cyber Security | ||
| Module Leader: | Rachael Medhurst | ||
| Module Team: | Beth Jenkins, Sharan Johnstone, Emma Derbi, Andrew Butcher, Madhu Khurana, Peter Eden, Richard Ward, Arun Kumar, Joshua Richards, Nisha Rawindaran | ||
| First Intended Intake: | SEP 2024 | Final Year of Intake: | 2028 |
| Date Closed: | |||
| Credit Value: | 20 | Credit Level: | 5 |
| Language: | English | ||
| Percentage of Module Taught in Welsh: | 0 | ||
| Equivalent Module: | |||
| HECOS codes: | 100385 - computer forensics | ||
| HECOS Code Weighting: | 100 | ||
Document Version Information
| Version | 1 |
|---|---|
| Valid From | 01 Sep 2024 |
| Valid To | 31 Aug 2029 |
Module Aims
To evaluate, analyse and synthesize the capability to successfully perform digital forensic processes to assist in post-incident analysis.
Content Summary
Incident Response fundamentals
Threat Hunting
- Kill Chain
- Diamond Model
- Causes of Action matrix
Memory Forensics
Log Data Analysis
Traffic Analysis
Timeline Analysis
Root Cause Analysis
Malware forensics:
- Malware Analysis
- Indicators of Compromise
- YARA Rules
Evidence Retention
Reporting
Intelligence Sharing
Learning and Teaching Methods
| Activity Type | Hours |
|---|---|
| Lecture | 24 |
| Tutorial | 24 |
| Independent Study | 80 |
| Directed Study | 72 |
| Total Hours Selected | 200 |
Learning Outcomes
| # | Learning Outcome |
|---|---|
| LO1 | To demonstrate and evaluate a systematic understanding of the principles and practices associated with post-incident analysis. |
| LO2 | To critically discuss and analyse the issues associated with incident response. |
Module Requisites
N/A
Assessment Criteria
| Assessment Category | Assessment Type | Description | Duration | Word Count | Weight (%) | Best of? | Pass Mark |
|---|---|---|---|---|---|---|---|
| Asynchronous Assessment | Report 1 | A written report that draws on knowledge and material from across a whole programme | 0 | 2000 | 50 | No | 40 |
| Asynchronous Assessment | Practical Written Work 1 | A write up of a piece of practical work that has been undertaken. | 0 | 2000 | 50 | No | 40 |
Assessment Matrix
| Assessment Type | LO1 | LO2 |
|---|---|---|
| Report 1 | ✔ | ✔ |
| Practical Written Work 1 | ✔ | ✔ |