Course Title: Computer and Internet Forensics

Part A: Course Overview

Course Title: Computer and Internet Forensics

Credit Points: 12.00


Course Code

Campus

Career

School

Learning Mode

Teaching Period(s)

COSC2301

City Campus

Undergraduate

140H Computer Science & Information Technology

Face-to-Face

Sem 2 2006,
Sem 2 2007,
Sem 2 2009,
Sem 2 2010,
Sem 2 2011,
Sem 2 2012,
Sem 2 2013,
Sem 2 2014,
Sem 2 2015

COSC2302

City Campus

Postgraduate

140H Computer Science & Information Technology

Face-to-Face

Sem 2 2006,
Sem 2 2007,
Sem 2 2008,
Sem 2 2009,
Sem 2 2010,
Sem 2 2011,
Sem 2 2012,
Sem 2 2013,
Sem 2 2014,
Sem 2 2015

Course Coordinator: Dr Ron van Schyndel

Course Coordinator Phone: +61 3 9925 9677

Course Coordinator Email: ron.vanschyndel@rmit.edu.au


Pre-requisite Courses and Assumed Knowledge and Capabilities

You may not enrol in this course unless it is explicitly listed in your enrolment program summary, and you have confirmed with your program coordinator that it is an appropriate choice for your study plan.

Secure Electronic Commerce OR a sound understanding of computer data communications, the structure and protocols of the Internet and the Web, equivalent to Web Servers and Web Technology .


Course Description

This course introduces students to the principles and practice of computer and internet forensics. Students will explore issues related to security of computer systems, accessing and analyzing data, reconstructing events, surveillance, intrusion prevention, intrusion detection, and recovery from breaches. This course is particularly aimed at students who have a strong interest in computer and information security.


Objectives/Learning Outcomes/Capability Development

This course contributes to the development of the following capabilities:
 

  • Enabling knowledge: attack profiles, investigation tools and techniques
  • Critical analysis: analysis of data to identify evidence
  • Responsibility: application of security policies
  • Communication: appropriate communication with stakeholders when addressing security problems.


On completion of this course you should be able to:
 

  • apply your knowledge and understanding of computer security to identify security weaknesses and propose solutions;
  • correctly isolate computer systems for investigation;
  • duplicate data and analyse it to recover information and reconstruct events;
  • understand and employ intrusion prevention and detection tools;
  • trace malicious internet activity;
  • analyse email trails;
  • document and present gathered information for follow-up.


Overview of Learning Activities

The learning activities included in this course are:

 

  • key concepts will be explained in lectures, classes or online, where syllabus material will be presented and the subject matter will be illustrated with demonstrations and examples;
  • tutorials and/or labs and/or group discussions (including online forums) focussed on projects and problem solving will provide practice in the application of theory and procedures, allow exploration of concepts with teaching staff and other students, and give feedback on your progress and understanding;
  • assignments, as described in Overview of Assessment (below) and Assessment Tasks (part B course guide for this Teaching Period), requiring an integrated understanding of the subject matter; and
  • private study, working through the course as presented in classes and learning materials, and gaining practice at solving conceptual and technical problems.

Attendance:
While a minimum attendance standard is not compulsory, non-attendance may seriously jeopardise the chances of success in this course. Clearly, non-attendance at an assessment will result in failure of that assessment. Where visa conditions apply, attendance is compulsory.


Overview of Learning Resources

You will make extensive use of computer laboratories and relevant software provided by the School. You will be able to access course information and learning materials through myRMIT and may be provided with copies of additional materials in class or via email. Lists of relevant reference texts, resources in the library and freely accessible Internet sites will be provided.

Use the RMIT Bookshop’s textbook list search page to find any recommended textbook(s).
 


Overview of Assessment

The assessment for this course comprises of assignments and a formal written examination.

For standard assessment details, including deadlines, weightings, and hurdle requirements relating to Computer Science and IT courses see: http://www.rmit.edu.au/compsci/cgi