Overview
The rapid growth of the Internet and computers usage have led to various electronic crimes that require the urgent need for computer investigations. This unit equips students with a broad understanding of electronic crimes and computer forensics investigation. The content is structured so as to provide students with the practical knowledge of computer forensics and to enable students develop the necessary skills in investigating electronic criminal activities using available digital forensics tools. Specific topics including electronic crime, digital forensics procedures and tools, methods of using digital evidence in justice, and legal issues in digital forensics are covered in the unit. If you have successfully completed unit COIS23002 you cannot take this unit.
Details
Pre-requisites or Co-requisites
Pre-requisite: COIT20261 Network Routing and Switching
Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).
Offerings For Term 1 - 2017
Attendance Requirements
All on-campus students are expected to attend scheduled classes – in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).
Recommended Student Time Commitment
Each 6-credit Postgraduate unit at CQUniversity requires an overall time commitment of an average of 12.5 hours of study per week, making a total of 150 hours for the unit.
Class Timetable
Assessment Overview
Assessment Grading
This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of ‘pass’ in order to pass the unit. If any ‘pass/fail’ tasks are shown in the table above they must also be completed successfully (‘pass’ grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the ‘assessment task’ section (note that in some instances, the minimum mark for a task may be greater than 50%). Consult the University’s Grades and Results Policy for more details of interim results and final grades.
All University policies are available on the CQUniversity Policy site.
You may wish to view these policies:
- Grades and Results Policy
- Assessment Policy and Procedure (Higher Education Coursework)
- Review of Grade Procedure
- Student Academic Integrity Policy and Procedure
- Monitoring Academic Progress (MAP) Policy and Procedure – Domestic Students
- Monitoring Academic Progress (MAP) Policy and Procedure – International Students
- Student Refund and Credit Balance Policy and Procedure
- Student Feedback – Compliments and Complaints Policy and Procedure
- Information and Communications Technology Acceptable Use Policy and Procedure
This list is not an exhaustive list of all University policies. The full list of University policies are available on the CQUniversity Policy site.
Feedback, Recommendations and Responses
Every unit is reviewed for enhancement each year. At the most recent review, the following staff and student feedback items were identified and recommendations were made.
Feedback from Self-reflection
No extension on the first assessment item
Indicate in the unit profile, in the Task Description component, that extensions cannot be granted for the online quiz assessment because answers will be released to students upon completion of the quiz.
Feedback from Self-reflection and student feedback
Australia and U.S. Jurisdiction
The unit should highlight and compare the differences between U.S. and Australian laws on criminal procedure and privacy.
- Discuss the different types of electronic crime and the need for a computer forensics investigation.
- Analyse the role of computer forensic professionals in enabling successful investigation and prevention of electronic crime in business environments.
- Apply a systematic approach in a digital investigation through the conduct of computer forensics procedures and the use of computer forensic tools.
- Analyse the necessary steps required for collecting, storing, analysing and validating digital evidence.
- Critically evaluate the different methods of recovering evidence from files and explain how to determine feasible methods.
- Identify the legal issues involved in a computer forensic investigation.
- Apply current industry best practices for analysing computer forensic case scenarios.
- Data analysis (DTAN)
- Database/repository design (DBDS)
- Testing (TEST)
- Network Support (NTAS)
- Application Support (ASUP).
Alignment of Assessment Tasks to Learning Outcomes
| Assessment Tasks | Learning Outcomes | ||||||
|---|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | |
| 1 - Online Quiz(zes) - 20% | |||||||
| 2 - Practical and Written Assessment - 35% | |||||||
| 3 - Practical and Written Assessment - 45% | |||||||
Alignment of Graduate Attributes to Learning Outcomes
| Graduate Attributes | Learning Outcomes | ||||||
|---|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | |
| 1 - Knowledge | |||||||
| 2 - Communication | |||||||
| 3 - Cognitive, technical and creative skills | |||||||
| 4 - Research | |||||||
| 5 - Self-management | |||||||
| 6 - Ethical and Professional Responsibility | |||||||
| 7 - Leadership | |||||||
| 8 - Aboriginal and Torres Strait Islander Cultures | |||||||
Alignment of Assessment Tasks to Graduate Attributes
| Assessment Tasks | Graduate Attributes | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | |
| 1 - Online Quiz(zes) - 20% | ||||||||
| 2 - Practical and Written Assessment - 35% | ||||||||
| 3 - Practical and Written Assessment - 45% | ||||||||
Textbooks
Guide to Computer Forensics and Investigations: Processing Digital Evidence
Edition: Fifth (2016)
Authors: Nelson, B., Phillips, A. and Steuart, C.
Cengage Learning
Boston Boston , MA 02210 , United States of America
ISBN: 9781285060033
Binding: Hardcover
Additional Textbook Information
IT Resources
- CQUniversity Student Email
- Internet
- Unit Website (Moodle)
- Computer forensic software and student data files (with "Lab Manual for Guide to Computer Forensics and Investigations (4th ed)" by A. Blitz)
All submissions for this unit must use the referencing style: Harvard (author-date)
For further information, see the Assessment Tasks.
s.wibowo1@cqu.edu.au
Module/Topic
Introduction to digital forensics
Chapter
Chapter 1
Events and Submissions/Topic
Module/Topic
Digital investigation environments
Chapter
Chapter 2
Events and Submissions/Topic
Module/Topic
Data Acquisition
Chapter
Chapter 3
Events and Submissions/Topic
Module/Topic
Processing crime and incident scenes
Chapter
Chapter 4
Events and Submissions/Topic
Module/Topic
Digital forensics tools
Chapter
Chapter 6
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Digital forensics analysis and validation
Chapter
Chapter 9
Events and Submissions/Topic
Module/Topic
Understanding Windows and DOS Systems
Chapter
Chapter 5
Events and Submissions/Topic
Module/Topic
Understanding UNIX/Linux Systems and Recovering Graphics Files
Chapter
Chapter 7 & 8
Events and Submissions/Topic
Module/Topic
Mobile Device and Cloud Forensics
Chapter
Chapter 12 & 13
Events and Submissions/Topic
Module/Topic
E-mail and social media investigations
Chapter
Chapter 11
Events and Submissions/Topic
Module/Topic
Digital forensics report and professionalism
Chapter
Chapter 14 & 16
Events and Submissions/Topic
Module/Topic
Expert Testimony
Chapter
Chapter 15
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
1 Online Quiz(zes)
This quiz has 40 multiple choice questions relating to the unit material of Weeks 1 to 5, covering Chapters 1, 2, 3, 4, and 6 of the prescribed textbook. The quiz is open book implying that the students are allowed to consult the prescribed textbook, lecture notes and their own notes.
1
Week 6 Friday (21 Apr 2017) 11:45 pm AEST
Week 7 Friday (28 Apr 2017)
1. The quiz will be available on the Unit Website on Moodle in Week 6.
2. Detailed instructions about the quiz will be provided on the Unit Website on Moodle.
- Discuss the different types of electronic crime and the need for a computer forensics investigation.
- Analyse the role of computer forensic professionals in enabling successful investigation and prevention of electronic crime in business environments.
- Analyse the necessary steps required for collecting, storing, analysing and validating digital evidence.
- Identify the legal issues involved in a computer forensic investigation.
- Knowledge
- Communication
2 Practical and Written Assessment
This assignment has two parts.
The first part requires you to research on existing computer forensic tools and apply the suitable computer forensic tool to evaluate a real case problem. More specifically, you will be asked to:
1. Identify different computer forensics tools for computer investigations.
2. Analyse the strengths and weaknesses of the computer forensics tools.
3. Demonstrate the suitability of the chosen computer forensic tool to evaluate a real case scenario.
The second part requires you to carry out a comparative study on Australian and American laws on criminal procedure and/or privacy.
A detailed assignment specification will be made available on Moodle from Week 4.
Week 7 Friday (28 Apr 2017) 11:45 pm AEST
Week 9 Friday (12 May 2017)
You are assessed mainly against:
1. Providing a thorough analysis on available computer forensic tools.
2. The justification of using a specific computer forensic tool.
3. Discussion on the application of the computer forensic tool for dealing with the real case problem.
4. Presenting the analysis and findings in the report.
5. Knowledge and understanding on criminal procedural and privacy laws.
- Discuss the different types of electronic crime and the need for a computer forensics investigation.
- Analyse the role of computer forensic professionals in enabling successful investigation and prevention of electronic crime in business environments.
- Apply a systematic approach in a digital investigation through the conduct of computer forensics procedures and the use of computer forensic tools.
- Analyse the necessary steps required for collecting, storing, analysing and validating digital evidence.
- Critically evaluate the different methods of recovering evidence from files and explain how to determine feasible methods.
- Identify the legal issues involved in a computer forensic investigation.
- Apply current industry best practices for analysing computer forensic case scenarios.
- Knowledge
- Communication
- Ethical and Professional Responsibility
3 Practical and Written Assessment
The purpose of this assignment is to produce a report based on a given case study. In this assessment, you will be specifically asked to:
1. Apply the computer forensics methodologies.
2. Write an analysis of a case study.
3. Prepare an outline of a professional computer forensic plan.
Details of the case study, the questions, what you are required to submit and guidelines for approaching the assignment will be available on Moodle unit website.
Week 12 Friday (2 June 2017) 11:45 pm AEST
Written assignment 2 marks will be released at the Certification of Grades.
You are assessed mainly against:
1. The justification of using the computer forensic methodology and approach.
2. Providing the resources required for a digital forensic investigation, including the skill set of team members and the tools.
3. Outlining an approach for evidence identification and acquisition.
4. Outlining the steps to be taken during the analysis phase.
5. Presenting the full investigative report.
Further details are available on Moodle.
- Discuss the different types of electronic crime and the need for a computer forensics investigation.
- Analyse the role of computer forensic professionals in enabling successful investigation and prevention of electronic crime in business environments.
- Apply a systematic approach in a digital investigation through the conduct of computer forensics procedures and the use of computer forensic tools.
- Analyse the necessary steps required for collecting, storing, analysing and validating digital evidence.
- Critically evaluate the different methods of recovering evidence from files and explain how to determine feasible methods.
- Identify the legal issues involved in a computer forensic investigation.
- Apply current industry best practices for analysing computer forensic case scenarios.
- Knowledge
- Communication
- Ethical and Professional Responsibility
As a CQUniversity student you are expected to act honestly in all aspects of your academic work.
Any assessable work undertaken or submitted for review or assessment must be your own work. Assessable work is any type of work you do to meet the assessment requirements in the unit, including draft work submitted for review and feedback and final work to be assessed.
When you use the ideas, words or data of others in your assessment, you must thoroughly and clearly acknowledge the source of this information by using the correct referencing style for your unit. Using others’ work without proper acknowledgement may be considered a form of intellectual dishonesty.
Participating honestly, respectfully, responsibly, and fairly in your university study ensures the CQUniversity qualification you earn will be valued as a true indication of your individual academic achievement and will continue to receive the respect and recognition it deserves.
As a student, you are responsible for reading and following CQUniversity’s policies, including the Student Academic Integrity Policy and Procedure. This policy sets out CQUniversity’s expectations of you to act with integrity, examples of academic integrity breaches to avoid, the processes used to address alleged breaches of academic integrity, and potential penalties.
What is a breach of academic integrity?
A breach of academic integrity includes but is not limited to plagiarism, self-plagiarism, collusion, cheating, contract cheating, and academic misconduct. The Student Academic Integrity Policy and Procedure defines what these terms mean and gives examples.
Why is academic integrity important?
A breach of academic integrity may result in one or more penalties, including suspension or even expulsion from the University. It can also have negative implications for student visas and future enrolment at CQUniversity or elsewhere. Students who engage in contract cheating also risk being blackmailed by contract cheating services.
Where can I get assistance?
For academic advice and guidance, the Academic Learning Centre (ALC) can support you in becoming confident in completing assessments with integrity and of high standard.
What can you do to act with integrity?
