Digital Forensics

This subject is available under ICMS undergraduate degrees. Please click the button below to find an undergraduate course for you.

Subject Code:

CYB303A

Subject Type:

Specialisation 

Credit Points:

3 credit points 

Pre-requisite/Co-requisite: 

ICT103A Programming Principles  

CYB201A Network Security, and 

Course level pre-requisite: a total of 24 credit points (15 credit points, including ICT101A, ICT102A, ICT103A, DAT101A from level 100 and 9 credit points from level 200 core subjects) prior to enrolling in level 300 core and specialisation subjects.

Subject Level:

300

Subject Rationale:

The growing use of digital technologies in organisations is prevalent to the point where, for virtually all business contexts, they are integral to the core functions of their operational landscape. From a cybersecurity perspective, this dependency makes organisations more susceptible to cyberattacks and cybercrime, which are becoming more pervasive. 

For this reason, the need to develop investigative and forensic capabilities is on the rise, as they enable the cybersecurity industry to learn from the innovative methods cybercriminals develop and employ. These learnings are transformed into cyber intelligence, which is crucial to creating response strategies and measures to information security threats and cyberattacks. 

This subject equips students with the underpinning concepts, theories, principles, and practices of digital forensics in cybersecurity. Students will learn how to systematically implement the phases of digital forensics and their inherent processes, applying a range of tools and techniques specific to a range of IT domains in contemporary settings.

This subject is practice-based and learning is predominantly acquired in laboratory sessions where students will develop their capabilities in exercising industry-standard digital forensic investigation methods. They will conduct digital investigations by procedurally executing forensics practices, demonstrating the ability to draw conclusions and report on digital evidence analysis. The legal, ethical, and professional aspects of digital forensics will also be examined. 

Learning Outcomes:

a) Explain the role and applications of digital forensics in cybercrime investigations and organisational information security management systems.

b) Perform digital forensic examination for complex cybercrimes by executing its inherent lifecycle phases, processes, procedures, and methodologies.

c) Apply industry best practices, tools, and techniques to collect and analyse digital evidence during a forensic case, exhibiting professionalism and adhering to an ethical code of conduct.

d) Critically evaluate the results of a digital forensics investigation, judiciously synthesise findings, and present evidentiary reports following professional standards.

e) Exercise decision-making and problem-solving to gather, audit, and interpret volatile and non-volatile digital evidence from various forensics artefacts.

f) Articulate ethical, professional, and legal considerations associated with digital forensics practices and their application.

Student Assessment:

Broad Topics to be Covered:

Topic: 
Week 1: Concepts of Forensics 

  • Theories of digital forensics 
  • Data recovery lifecycle 
  • Preparing and conducting digital investigations 
  • Ethics and professionalism in digital forensics 
Week 2: Forensics Lab and Data Acquisition Preparation 

  • Physical facility requirements 
  • Environmental controls 
  • Hardware Equipment 
  • Evidence collection facility 
  • Workstation and software 
  • Data backup 
  • Policy, procedures, and protocols for forensic activities 
Week 3: Legal Frameworks and Cyberlaw 

  • Cybercrime 
  • International cyberlaw 
  • Australian laws and regulations 
  • Investigation methods for collecting digital evidence 
Week 4: Forensics Lifecycle, Phases, and Processes 

  • Identification Phase 
  • Collection Phase 
  • Examination Phase 
  • Analysis Phase 
  • Presentation Phase 
Week 5: Using Digital Forensics Tools 

  • Storage Formats and Data  
  • Tools to collect Data 
  • Methods for Validating Data Acquisition  
  • Network Acquisition Tools 
  • Hardware and Software tools 
  • Other Forensics tools 
  • How to evaluate the need for a tool 
Week 6: Operating System Forensics  

  • File Systems and Storage 
  • NTFS, Unix and Linux File Systems 
  • Whole Disk Encryption 
  • Windows Registry 
  • Windows Start-up Procedure and Tools 
  • Unix Booting Process 
  • Linux Booting Process, GRUB Boot Loader 
Week 7: Main Memory Forensics 

  • Concepts of Memory Management 
  • Volatility 
  • Memory Analysis 
Week 8: Application and Internet Forensics 

  • Email investigations 
  • Social Media Investigations 
  • Tracing information on the internet 
  • Network and remote acquisition 
  • Application programming interfaces 
Week 9: Cloud Forensics 

  • Cloud Computing Fundamentals 
  • Legal Issues in cloud investigations 
  • Technical topics in cloud investigation 
  • Data acquisition in the cloud 
  • Cloud forensics investigation procedure 
  • Tools for cloud forensics 
Week 10: Mobile Forensics 

  • Mobile Phone Fundamentals 
  • Mobile Operating Systems
  • Acquisition procedures for mobile devices 
  • Tools for mobile forensics 
Week 11: Other Topics in Digital Forensics 

  • Report writing for high tech forensics 
  • Expert testimonies in digital investigations 
  • Ethics and code of conduct for forensics experts 
  • Future trends, challenges, and concerns 

 

Please note that these topics are often refined and subject to change, so for up-to-date weekly topics and suggested reading resources, please refer to the Moodle subject page.