Course - Open Source Forensics - IMT4012-PHS
IMT4012-PHS - Open Source Forensics
About
Examination arrangement
Examination arrangement: Assignment
Grade: Letters
Evaluation | Weighting | Duration | Grade deviation | Examination aids |
---|---|---|---|---|
Assignment | 100/100 |
Course content
Linux operating system, commands, and tools
Linux filesystem and forensic artifacts
Scripting and programming for investigators
Building own forensic toolkit applications
Forensic tool testing and quality assurance
Linux analysis and data recovery techniques
Investigation and forensic analysis
Law and ethics
Crime prevention policing
Learning outcome
Knowledge
After completing the course the candidate possesses knowledge of:
The importance of open source software in the investigation
New methods and techniques used in the investigation
Legal and ethical issues
Automation of techniques
The benefit of being able to customize the tool in relation to specific challenges
Skills
After completing the course the candidate can:
Utilize the potential of tools written in open source
Master command interpreters
Assess tools for adapting to different situations
Develop Open source tools for efficient investigation within the rule of law
Understand scripts written by others and adapt them to your context
Validate proprietary and open tools
General Competence
After completing the course the candidate can:
Emerge with greater insight and confidence in the professional role
Show personal responsibility for tasks in the investigation of electronic tracking
Identify and evaluate ethical dilemmas in work performance
See a record in a bigger prevention and investigation purposes
Learning methods and activities
Forelesninger|Nettbasert Læring|Obligatoriske oppgaver|Annet
Utfyllende informasjon:
Lectures and exercises delivered by PHS, through PHS´s digital learning system (It´s Learning/PingPong)Other: Independent studyThe course will be made accessible for remote students. It is organized as a web-based, online course where students can choose their own study time and follow their progress. The program is estimated to be approx. 280 hours.In the course student-centered learning activities on the internet are emphasized, including 10 online, on-demand lectures and the use of a virtual computer lab. The learning activities shall contribute to the learning outcome of the students, and in particular emphasize the relationship between theory and practice.In this course, students will build their forensic toolkit from scratch, which also takes place in a virtual environment. Throughout the course students will construct their forensic toolkit gradually and end with a complete machine that is specially adapted to needs of a digital forensic investigator. Students will be guided through the various required steps in the process.A distributed online learning platform at NTNU and the Norwegian Police University College is used in the administration and implementation of the course.
Obligatoriske arbeidskrav:
The following course requirements must be met and approved before students can take the exam:
Up to three tests related to specific topics
Compulsory assignments
- Coursework Requirements
Further on evaluation
Utfyllende om kontinuasjon:
At the discression of PHS.A new computer installation must be provided and the examination must be re-sat.
Vurderingsformer:
Assessment consists of two parts, pass decision is on cumulative grade of both parts:
Individual home exam over 8 hours (50%)
Assessment of the student configuration of its own laptop computer (50%)
Both parts must be passed.
Specific conditions
Admission to a programme of study is required:
Information Security (MISEB)
Recommended previous knowledge
NCFI2 or similar, see admisson criteria for MISEB studyprogram, courses delivered by PHS
Course materials
The following textbooks are the primary material in the course curriculum.
Altheide, C. & Carvey, H. (2011). Digital Forensics with Open Source Tools. Waltham, MA: Syngress
Cameron, N. (2005). Learning the bash Shell: Unix Shell Programming. Sebastopol: O'Reilly Media
No
Version: 1
Credits:
10.0 SP
Study level: Second degree level
Term no.: 1
Teaching semester: AUTUMN 2016
Language of instruction: English
-
-
Department with academic responsibility
Department of Information Security and Communication Technology
Examination
Examination arrangement: Assignment
- Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
- Autumn ORD Assignment 100/100
-
Room Building Number of candidates
- * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"