Module CSN08111- Digital forensics

The aim of the module is to investigate the principles of operating systems and how they hinder or support forensic investigation. The module includes significant practical sessions in applying computer forensics in realistic real-world scenarios, allowing students to analyse and evaluate digital evidence through the use of forensic tools and techniques. The tools examined will include both public domain tools as well as commercial offerings. The practicals will be complemented with considerable theoretical knowledge of operating system information as digital evidence, and the basic techniques associated with gathering, preserving and presenting digital evidence. Outlines of the main areas include:

? Introduction to desktop operating systems such as Windows, Mac, Linux
? Introduction to mobile phone evolution, the growth of Smartphone and tablet platforms and operating systems
? User data area, directories and files
? Forensic artefacts specific to the operating system and their role as digital evidence
? Web browser information and password recovery
? Introduction to anti-forensic methods and tools.

On completion of this module you will be able to:

LO1: Critically analyse and evaluate operating system artefacts as digital evidence in forensic investigation

LO2: Critically reflect techniques and tools used in computer forensic investigation

LO3: Conduct a computer forensic investigation in an ethical and professional manner

LO4: Critically reflect on relevant computer forensic literature and quality information sources.