Course co-ordinator(s): Dr Ryad Soobany (Dubai), Dr Mike Just (Edinburgh).
Aims:
• Impart a deep understanding of common attack scenarios to students.
• Improve students’ critical analysis skills in computer security and allow them to identify incidents artefacts in a systematic way.
• Provide the student with in-depth understanding of digital forensics concepts and methodologies.
Detailed Information
Course Description: Link to Official Course Descriptor.
Pre-requisites: none.
Location: Dubai.
Semester: 2.
Syllabus:
• Legal aspects: investigation limitations (territorial and jurisdictional), inchoate offences.
• Search and seizure: consent, warrant, evidence seizure.
• Analysis: things to consider, analysis Process, evidence guidelines, order of evidence importance.
• Forensic toolkits: hardware features, software features, common software tools.
• Windows OS artefacts: event log, registry, prefetch, volume shadow copies, shell bags, jumplists, boot, services.
• Linux OS artefacts: “etc” folder, logs, home folder, nautilus, accounts and login history, grub, services.
• Malware persistence mechanisms: auto-startup, cron jobs.
• Malware analysis.
• Reverse Engineering.
• Storage Media: types overview, file Systems overview.
• Common applications’ artefacts: web browsers, chat clients, servers (Apache, mysql), cross-platform applications.
SCQF Level: 11.
Credits: 15.