This course will introduce students to the practice of
digital forensics for the first half of the course. In the second
half of the course we will work on some penetration testing to try
to find weak spots.
Course Outcomes:
After taking this course the student should be able to:
The midterm
exam is scheduled on March 5th.
The final exam will be scheduled by the college.
Exams are your major in class, completely on your own, evaluation of your progress.
Students with special needs:
Anyone who has special needs should contact me in the first week of classes so that reasonable accommodations can be agreed on.
Academic Integrity:
See http://www.bridgew.edu/handbook/policiesprocedures/academicintegrity.cfm for a complete description of the academic integrity procedure at Bridgewater.
Academic integrity will be taken very seriously in this class. All individual work must be your own. If you cheat or otherwise represent the work of others as your own. You will receive an F for the course.
Guidelines for proper academic integrity:
Discussing problems with your classmates can help you understand the problems and kinds of solutions to those problems that you will learn about in this class. In an effort to make in clear what sort of discussions are appropriate and encouraged in this class and which cross the line to academic dishonesty I use the following guidelines: You may discuss any out of class problem I assign in this class with your classmates or other so long as no one is using any sort of recording implement including, but not limited to, computers, pdas, pens, pencils, phones etc. This lets you talk about theoretical solutions without sharing the actual implementations. As soon as anyone in the group is typing, writing etc, all conversations must stop. You may look at someone else's program code only very briefly in order to spot a simple syntax error. As a rule of thumb, if you find yourself looking at someone else's code for more than about 30-45 seconds it is probably time to stop. If you are having trouble with your program, come to the instructors office hours for more help.
All in class exams and quizzes are closed book and closed neighbor. If you are found using a data storage device of any kind during one of these evaluations, you will be failed for the course.
Standards for in class behavior:
You are all adults and are expected to act as adults in this class. While questions are encouraged in this class, if a particular line of questioning is taking us too far afield, I will ask the student to come by my office hours or to see me after class.
Cell phones, pagers, electronic organizers and other devises should be silenced while in class. If you work of EMS or something similar, please turn your cell phones/ pagers etc to vibrate mode so that you are not disrupting others in the class.
In the unlikely case of trouble makers in the class, those who are simply attempting to disrupt the class will be asked to stop; those who will not, will be referred to the college for appropriate action.
I do not take regular
attendance. Because of the census day regulations, I'll have to
take occasional attendance. You are adults and are paying for this
class. If you miss a class, you are expected to get notes from a
classmate and familiarize yourself with the material that was
covered before returning to class. I do find from dealing with
students in the past that attendance at lecture is highly
correlated with doing well in my classes.
Week | Topic | Assignment |
Week 1 | Intro |
|
Week 2 | technical concepts |
|
Week 3 | evidence collection | |
Week 4 | windows artifacts that lead to evidence to
collect. |
|
Week 5 | mac and linux artifacts |
|
Week 6 | Data destruction and anti forensics. | |
Week 7 | network forensics |
|
Week 8 | review and Midterm |
|
Week 9 | mobile forensics |
|
Week 10 | Intro to
penetration testing |
|
Week 11 | reconnaissance and
scanning |
|
Week 12 | Exploitation | |
Week 13 | Web based exploitation |
|
Week 14 | backdoors and rootkits. |
|
Week 15 | review |