|
Lecturer(s)
|
-
Malaník David, Ing. Ph.D.
|
|
Course content
|
584/5000 Topics: 1. Introduction to cyber security - focus on digital forensic technologies. 2. Necessary legal minimum for the treatment of traces. 3. What is a digital track. 4. Preparation of data for analysis, disk cloning. 5. Working with images. 6. Extracting digital tracks. 7. Authentication of digital tracks. 8. Storage of digital tracks. 9. Forensic analysis of operating systems. 10. Forensic analysis of network elements. 11. Tracing of communication in LAN / WAN networks. 12. Forensic analysis of mobile devices. 13. SW used for forensic analysis. 14. Creation of reports from forensic analyzes
|
|
Learning activities and teaching methods
|
Lecturing, Demonstration, E-learning
- Home preparation for classes
- 30 hours per semester
|
| prerequisite |
|---|
| Knowledge |
|---|
| Basic orientation in MS Windows and Linux operating systems. Basic orientation in the field of LAN / WAN networks. |
| Basic orientation in MS Windows and Linux operating systems. Basic orientation in the field of LAN / WAN networks. |
| learning outcomes |
|---|
| Describe the capability to initially secure data during a security incident. |
| Describe the capability to initially secure data during a security incident. |
| Describe how to secure data from a compromised system. |
| Describe how to secure data from a compromised system. |
| Explain how to build a scenario for basic forensic analysis. |
| Explain how to build a scenario for basic forensic analysis. |
| Explain the construction of a timeline for a system under investigation. |
| Explain the construction of a timeline for a system under investigation. |
| Describe how to work with a compromised system. |
| Describe how to work with a compromised system. |
| Skills |
|---|
| Seize data from the compromised system. |
| Seize data from the compromised system. |
| Develop a forensic analysis according to the assignment. |
| Develop a forensic analysis according to the assignment. |
| Analyze the timeline of the system under investigation. |
| Analyze the timeline of the system under investigation. |
| Build scenarios for basic forensic analysis. |
| Build scenarios for basic forensic analysis. |
| Construct timeline scenarios for the system under study. |
| Construct timeline scenarios for the system under study. |
| teaching methods |
|---|
| Knowledge |
|---|
| Lecturing |
| Lecturing |
| E-learning |
| E-learning |
| Demonstration |
| Demonstration |
| assessment methods |
|---|
| Composite examination (Written part + oral part) |
| Composite examination (Written part + oral part) |
|
Recommended literature
|
-
AYMAN, Shaaban-Konstantin Sapronov. Practical Windows forensics: leverage the power of digital forensics for Windows systems. Packt Publishing, 2016. ISBN 9781783554096.
-
Emmett DULANEY. Linux all-in-one for dummies. 5th ed.. Hoboken, NJ, 2014. ISBN 9781118844359.
-
Gerard JOHANSEN. Digital forensics and incident response: a practical guide to deploying forensic techniques in response to cyber security incidents. Packt Publishing, 2017. ISBN 9781787288683.
-
Harlan CARVEY. Windows forensic analysis toolkit: advanced analysis techniques for Windows 8. Fourth edition. Amsterdam; Boston: Syngress, 2014. ISBN 9780124171572.
-
John VACCA. Computer and information security handbook. Second edition. Amsterdam: Morgan Kaufmann, an imprint of Elsevier, 2013. ISBN 9780123943972.
|