AF4S717-Cyber and Digital Investigations- Curriculum Information

AF4S717 - Cyber and Digital Investigations 01 Sep 2024 - 31 Aug 2030 | Version 1

Associated Module Information

Module Code:	AF4S717
Module Title:	Cyber and Digital Investigations
Faculty:	Faculty of Business and Creative Industries
Faculty Group:	Accounting and Finance
Faculty Sub Group:	Accounting and Finance
Module Leader:	Kristy Elias
Module Team:	Jared Davies, Jonathan Evans, Lucie Corcoran
First Intended Intake:	SEP 2024	Final Year of Intake:	2029
Date Closed:
Credit Value:	20	Credit Level:	7
Language:	English
Percentage of Module Taught in Welsh:	0
Equivalent Module:
HECOS codes:	100376 - computer and information security
HECOS Code Weighting:	100

Document Version Information

Version	1
Valid From	01 Sep 2024
Valid To	31 Aug 2030

Module Aims

This module will enable students to synthesise knowledge of the tools, techniques and practices associated with digital forensics and to apply computer forensics principles to a range of problems.2028 In addition, they will develop a critical understanding of the law relating to digital forensics and a thorough understanding of cybercrime and possible mitigations.

Content Summary

Computer Crime Investigative Principles and Practices: Digital Evidence on Computer Networks; Digital Evidence on the Internet; Digital Evidence in TCP/IP, Mobile forensics, Email forensics.
Computer Forensics: Computer Audit Log Analysis; Operating Systems Forensics; Cryptographic Techniques assisting Forensics (e.g. SHA, MD5); Event Timing; File Reconstruction; Network Forensics; Disk Imaging and Disk Recovery;

Rules of Evidence and Standards: Chain of custody; Criminal Justice Act and Police and Criminal Evidence Act; Role of the Expert Witness; Appropriate Standards, Ethics, manipulation and destruction of data;

Cyber Crime: Attack vectors (social engineering, hacking, phishing, pharming, crimeware etc), mitigations (firewalls, IDS, IPS, encryption, network security, policy)

Learning and Teaching Methods

Activity Type	Hours
Lecture	32
Tutorials	16
Independent Study	120
Directed Study	32
Total Hours Selected	200

Learning Outcomes

#	Learning Outcome
LO1	To critically discuss the issues surrounding the computer forensic process, from the initial scene of crime management, through the analysis to the creation and submission of a final report.
LO2	To be able to critically evaluate techniques to protect information and systems, both for individuals and for organisations.

Module Requisites

N/A

Assessment Criteria

Assessment Category	Assessment Type	Description	Duration	Word Count	Weight (%)	Best of?	Pass Mark
Asynchronous Assessment	Practical Written Work 1	Digital Forensic Investigation and Understanding	0	4000	100	No	100

Assessment Matrix

Assessment Type	Learning Outcomes
Assessment Type	LO1	LO2
Practical Written Work 1	✔	✔

Reading List

Accessdata - www.accessdata.com

International Journal of Digital Evidence

Journal of Digital Forensics and Law

International Journal of Forensic Computer Science

International Journal of Digital Evidence

Sammons J, The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics, 2014.

Shaaban A, Sapronov K, Practical Windows Forensics, 2016

Nikkel B, Practical Forensic Imaging: Securing Digital Evidence with Linux Tools, 2016.

Hoog, A., iPhone and iOS Forensics: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices, 2011

Carrier B, (2005) Forensic File System Analysis, Addison Wesley.

Hoog, A., Android Forensics: Investigation, Analysis and Mobile Security for Google Android, Syngress, 2007

SANS Digital Forensics and Incidenct Response Blog - https://digital-forensics.sans.org/blog

Prodiscover on-line Resources - http://www.techpathways.com/DesktopDefault.aspx

The Forensics Wiki – www.forensicswiki.org/