Course Summary
Credit Type:
ACE Course Number:
2 weeks (40 hours)
Dates Offered:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Vocational-Certificate 3 network security


The course objective is to present a detailed methodological approach to computer forensics and evidence analysis. It is a comprehensive course covering major forensic investigation scenarios that enable students to acquire hands-on experience on various forensic investigation techniques and standard tools necessary to successfully carry out a computer forensic investigation.

Learning Outcomes:

  • demonstrate understanding of the computer forensic investigation process and the potential legal issues involved
  • evidence searching, seizing and acquisition methodologies in a legal and forensically sound manner
  • different types of digital evidence, rules of evidence, the digital evidence examination process, and electronic crime and digital evidence consideration by crime category
  • the role of the first responder, the first responder toolkit, securing and evaluating an electronic crime scene, conducting preliminary interviews, documenting an electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, and reporting the crime scene
  • various file systems and how to boot a disk
  • gathering volatile and nonvolatile information from Windows
  • data acquisition and duplication rules, validation methods and tools required
  • how to recover deleted files and deleted partitions in Windows, Mac OS X, and Linux
  • the process involved in a forensic investigation using Access Data FTK and EnCase
  • steganography and its techniques, steganalysis, and image file forensics
  • password cracking concepts, tools, types of password attacks and how to investigate password protected files
  • different types of log capturing, log management, time synchronization and log capturing tools
  • the importance of the investigation of logs, network traffic, wireless attacks, and web attacks
  • the importance of the tracking of e-mails and investigation of e-mail crimes
  • mobile forensics and mobile forensics software and hardware tools
  • the importance of writing investigative reports

General Course Topics:

  • Computer forensics in today's world
  • Computer forensics investigation process
  • Understanding hard discs and file systems
  • Operating systems forensics
  • Defeating anti-forensic techniques
  • Data acquisition and duplication
  • Network forensics
  • Investigating web attacks
  • Database forensics
  • Cloud forensics
  • Malware forensics, investigating email crimes
  • Mobile forensics
  • Investigative reports
Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Classroom Exercise
  • Discussion
  • Laboratory
  • Lectures
  • Practical Exercises

Methods of Assessment:

  • Examinations
  • Performance Rubrics (Checklists)
  • Quizzes

Minimum Passing Score:

Supplemental Materials