Module Information
Course Delivery
Delivery Type | Delivery length / details |
---|---|
Practical | 4 hrs |
Lecture | At least 10 hours |
Assessment
Assessment Type | Assessment length / details | Proportion |
---|---|---|
Semester Exam | 2 Hours Written Exam | 50% |
Semester Assessment | Laboratory notebook and report | 50% |
Supplementary Assessment | Will take the same form, under the terms of the Department's policy |
Learning Outcomes
On successful completion of this module students should be able to:
Analyze a computer for deleted and hidden information.
Detect vulnerabilities in a computer system using appropriate tools, and secure the system against them.
Demonstrate an understanding of threats to computer systems and computer networks.
Demonstrate an understanding of the ethical concerns involved in forensics.
Distinguish between relevant and irrelevant materials at a crime scene.
Develop a strategy for defending a computer system against attack.
Aims
To provide an insight into the growing field of forensic computing and network security.
Brief description
The course will provide a practical and in-depth view of the security of machines and networks, an overview of the tools available to monitor and analyse such machines and networks before the systems have been compromised, and an overview of how to analyse the forensic evidence left behind in order to trace culprits.
Content
2. Footprinting and Scanning (1 lecture + 1 practical)
3. Viruses, Trojans and Backdoors (1 lecture + 1 practical)
4. Denial of Service (1 lecture + 1 practical)
5. Social Engineering (1 lecture)
6. IDS, Firewalls and Honeypots (1 lecture + 1 practical)
7. Cryptography (1 lecture + 1 practical)
8. Buffer Overflows & Web application vulnerabilities (4 practicals)
9. The use of forensic computing software (e.g. EnCase, Penguin Sleuth, Knoppix STD) (4 practicals)
10. Hacking wireless networks (1 lecture)
11. Scene of crime analysis (1 lecture + 1 practical)
Module Skills
Skills Type | Skills details |
---|---|
Application of Number | no |
Communication | Presentation of workshop results as a report and/or lab workbook. |
Improving own Learning and Performance | Inherent in level of subject |
Information Technology | Inherent to subject |
Personal Development and Career planning | no |
Problem solving | Use of forensic analysis software |
Research skills | In order to do practicals |
Team work | Working as pairs in lab work |
Reading List
General Text
(2003) Hacker's challenge 2: test your network security & forensic skills / Mike Schiffman ... [et al.]. McGraw-Hill/Osborne
Farmer, Dan. (c2005) Forensic discovery / Dan Farmer, Wietse Venema. Addison-Wesley. http://www.loc.gov/catdir/toc/ecip052/2004024189.html
Jones, Keith J. (2006) Real digital forensics: computer security and incident response / Keith J. Jones, Richard Bejtlich, Curtis W. Rose. Addison-Wesley
Mitnick, Kevin D. (c2002) The art of deception: controlling the human element of security / Kevin D. Mitnick and William L. Simon. Wiley
Provos, Niels. (c2008) Virtual honeypots: from botnet tracking to intrusion detection / Niels Provos, Thorsten Holz. Addison-Wesley. http://www.loc.gov/catdir/toc/ecip0718/2007020022.html
Schiffman, Mike. (c2001) Hacker's challenge: test your incident response skills using 20 scenarios / Mike Schiffman. Osborne/McGraw-Hill
Spitzner, Lance. (c2003) Honeypots: tracking hackers / Lance Spitzner. Addison-Wesley
Vladimirov, Andrew A. (c2004) Wi-Foo / Andrew A. Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky. Addison-Wesley
Recommended Text
Stoll, Clifford. (1990) The cuckoo's egg: tracking a spy through the maze of computer espionage / Clifford Stoll. Pocket books
Notes
This module is at CQFW Level 7