Active Outline

General Information


Course ID (CB01A and CB01B)
CISD104.
Course Title (CB02)
Digital Forensics and Hacking Investigation
Course Credit Status
Credit - Degree Applicable
Effective Term
Fall 2024
Course Description
The course is an introduction to computer cybercrime and hacking investigation processes. Topics include computer forensics tools, hacking investigation tools, data recovery, information gathering techniques, computer data preservation techniques, and computer cybercrime investigation techniques. System administrators, security professionals, IT staff, and law enforcement personnel would benefit from taking this course. This course can also help prepare students to pass computer forensics certification examinations, such as the EC-Council Computer Hacking Forensic Investigator (CHFI) or the Certified Forensic Computer Examiner (CFCE) credential.
Faculty Requirements
Discipline 1
[Computer Information Systems (Computer network installation, microcomputer technology, computer applications)]
FSA
[FHDA FSA - CIS]
Course Family
Not Applicable

Course Justification


This is a course in a CTE program that was developed based on state and national trends showing a need for computer security professionals. According to the U.S. Bureau of Labor Statistics, computer security analysts are in one of the highest-paying fields in California through 2031, with growth projected at 35 percent from 2021 to 2031. The median salary in 2021 was $102,600. This course will be included in our Cybersecurity A.A. degree. This course provides students with the foundation skills for computer security jobs in Silicon Valley.

Foothill Equivalency


Does the course have a Foothill equivalent?
No
Foothill Course ID

Course Philosophy


Formerly Statement


Course Development Options


Basic Skill Status (CB08)
Course is not a basic skills course.
Grade Options
  • Letter Grade
  • Pass/No Pass
Repeat Limit
0

Transferability & Gen. Ed. Options


Transferability
Not transferable

Units and Hours


Summary

Minimum Credit Units
4.5
Maximum Credit Units
4.5

Weekly Student Hours

Type | In Class | Out of Class
Lecture Hours | 4.0 | 8.0
Laboratory Hours | 1.5 | 0.0

Course Student Hours

Course Duration (Weeks)
12.0
Hours per unit divisor
36.0
Course In-Class (Contact) Hours
Lecture
48.0
Laboratory
18.0
Total
66.0
Course Out-of-Class Hours
Lecture
96.0
Laboratory
0.0
NA
0.0
Total
96.0

Prerequisite(s)


Corequisite(s)


Advisory(ies)


ESL D261. and ESL D265., or ESL D461. and ESL D465., or eligibility for EWRT D001A or EWRT D01AH or ESL D005.

CIS D108.

Limitation(s) on Enrollment


Entrance Skill(s)


General Course Statement(s)


Methods of Instruction


Lecture and visual aids

Discussion of assigned reading

Discussion and problem solving performed in class

Quiz and examination review performed in class

Homework and extended projects

Assignments


  1. Reading assignments
  2. Complete assigned homework review questions
  3. View assigned security videos/articles

Methods of Evaluation


  1. Final exam and quizzes to evaluate comprehension and mastery of key terms and concepts as well as application skills related to analysis and synthesis of computer concepts.
  2. Participation in lab skills exercises that demonstrate the ability to critically evaluate the proper use of appropriate computer security software to complete a given set of computer-related tasks.

Essential Student Materials/Essential College Facilities


Essential Student Materials: 
  • None
Essential College Facilities:
  • None

Examples of Primary Texts and References


Author | Title | Publisher | Date/Edition | ISBN
Chuck Easttom | Digital Forensics, Investigation, and Response | Jones and Bartlett | 2022 4th edition | 9781284226065

Examples of Supporting Texts and References


None.

Learning Outcomes and Objectives


Course Objectives

  • Explore the forensics profession
  • Analyze examples of computer crime
  • Investigate forensic methods and labs
  • Explore how to collect, seize, and protect evidence
  • Examine techniques for hiding and scrambling information
  • Explore data recovery methods
  • Explore e-mail forensics
  • Analyze Windows forensics
  • Analyze Linux forensics
  • Analyze Macintosh computer forensics
  • Examine mobile forensics
  • Perform network analysis
  • Investigate incident and intrusion response
  • Explore trends and future directions
  • Explore system forensics resources

CSLOs

  • Demonstrate data recovery and cybercrime forensics investigation techniques.

Outline


  1. Explore the forensics profession
    1. The definition and scope of computer forensics
    2. Understanding the field of digital forensics
    3. Knowledge needed for computer forensics analysis
    4. The Daubert Standard
    5. U.S. laws affecting digital forensics
    6. Federal guidelines
  2. Analyze examples of computer crime
    1. How computer crime affects forensics
    2. Identity theft
    3. Hacking
    4. Cyberstalking and harassment
    5. Fraud
    6. Non-access computer crimes
    7. Cyberterrorism
  3. Investigate forensic methods and labs
    1. Forensic methodologies
    2. Formal forensic approaches
    3. Documentation of methodologies and findings
    4. Evidence handling tasks
    5. How to set up a forensic lab
    6. Common forensic software programs
    7. Forensic certifications
  4. Explore how to collect, seize, and protect evidence
    1. Proper procedure
    2. Handling evidence
    3. Storage formats
    4. Forensic imaging
    5. RAID acquisitions
  5. Examine techniques for hiding and scrambling information
    1. Steganography
    2. Encryption
  6. Explore data recovery methods
    1. Undeleting data
    2. Recovering information from damaged media
  7. Explore e-mail forensics
    1. How e-mail works
    2. E-mail headers
    3. Tracing e-mail
    4. E-mail server forensics
    5. E-mail and the Law
  8. Analyze Windows forensics
    1. Windows details
    2. Volatile data
    3. Windows swap file
    4. Windows logs
    5. Windows directories
    6. Index.dat
    7. The registry
  9. Analyze Linux forensics
    1. Linux basics
    2. Linux file systems
    3. Linux logs
    4. Linux directories
    5. Shell commands for forensics
    6. The difficulty of undeleting files in Linux
  10. Analyze Macintosh computer forensics
    1. Mac basics
    2. Macintosh logs
    3. Directories
    4. Macintosh forensic techniques
  11. Examine mobile forensics
    1. Cellular device concepts
    2. Evidence you can get from a cell phone
    3. Seizing evidence from a mobile device
  12. Perform network analysis
    1. Network packet analysis
    2. Network traffic analysis
    3. Router forensics
    4. Firewall forensics
  13. Investigate incident and intrusion response
    1. Disaster Recovery
    2. Preserving evidence
    3. Adding forensics to incident response
  14. Explore trends and future directions
    1. Technical trends
    2. Legal and procedural trends
  15. Explore system forensics resources
    1. Tools to use
    2. Resources
    3. Laws

Lab Topics


  1. Apply the Daubert Standard to forensic evidence
  2. Recognize the Use of Steganography in Forensic Evidence
  3. Recover Deleted and Damaged Files
  4. Conduct an Incident Response Investigation
  5. Conduct Forensic Investigations on Windows Systems
  6. Conduct Forensic Investigations on Linux Systems
  7. Conduct Forensic Investigations on Email and Chat Logs
  8. Conduct Forensic Investigations on Mobile Devices
  9. Conduct Forensic Investigations on Network Infrastructure
  10. Conduct Forensic Investigations on System Memory