Jul 23, 2024  
2023-2024 Catalog 
    
2023-2024 Catalog [PAST CATALOG]

CJS 207 - Digital Forensics 2

4 credit hours - Four hours of lecture and directed laboratory weekly; one term.
Formerly CJS 208 - Cyber Forensics 2

Practice digital forensics response and examination techniques. Recover and analyze digital evidence using industry standard commercial and open sources tools. Evaluate operating systems and file systems to locate and analyze evidence using various Windows, Linux and Mac command line and GUI tools. Use investigation results to develop comprehensive forensic reports. Lab fee $60.

Prerequisite(s): CJS 170  or CTS 170 .

Crosslisted: Also offered as CTS 207 ; credit is not given for both CJS 207 and also CTS 207 .

Course Outcomes:
  • Explore the functionality of the Windows OS as it relates to data storage and evidence.
    • Identify Windows FAT and NTFS hard disks, media and file systems.
    • Research the location of Windows artifacts.
    • Deduce how Windows artifacts were created in test environment.
    • Identify and locate Windows registry files.
  • Explore the functionality of the Linux OS as it relates to data storage and evidence.
    • Identify Linux ext formatted hard disks, media and file systems.
    • Research the location of Linux artifacts.
    • Deduce how Linux artifacts were created in a test environment.
  • Explore the functionality of the Macintosh OS as it relates to data storage and evidence.
    • Identify Mac OS HFS formatted hard disks, media and file systems.
    • Research the location of Mac OS artifacts.
    • Deduce how Mac artifacts were created in a test environment.
  • Practice preserving, handling and documenting digital evidence.
    • Compare legal and societal considerations of American and European forensic practices.
    • Preserve, extract and analyze digital forensic evidence.
    • Prepare and submit documentation of forensic analysis.
    • Prepare a forensic report.
    • Prepare a presentation of forensic findings.
  • Identify processes and communications in a network environment.
    • Identify system, security and event logs.
    • Recognize artifacts from at least three different web browsers.
    • Identify and locate Windows registry files.