CYBD100M - Introduction to Computer Forensics (2-2-3)
This class is an introduction to the concepts, terminology and management in the fastest growing areas in forensic science, digital evidence network intrusion and information security. The class introduces students to the methods used to acquire and analyze digital evidence, learn the fundamentals of the forensic process, including documentation and presentation of information collected during analysis, how to maintain and document the chain of custody and methods of analysis and procedures. The class also contains an overview of intrusion detection, live acquisitions and live acquisition tools, as well as an overview of forensic hardware solutions including but not limited to forensic computers, hardware write blocking tools and dedicated analytical equipment. Using recovered digital artifacts students will reconstruct activities from digital devices to create forensic examination reports based on the information recovered.
CYBD110M - Investigations and Evidence Recovery (3-3-4)
This course introduces students to different types of digital investigations and the similarities and differences between them. Students will learn how to seize and properly document evidence while maintaining a verifiable chain of custody.
This class will teach students competence across a spectrum of skills that include Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation and more.
Prerequisite: CIS116M with a grade of “C” or better.
CYBD210M - Operating System Artifacts (3-3-4)
This course explores advanced topics and forensic analysis of the various File System artifacts which could provide useful information leading toward malware detection and presentation of digital evidence for the court of law. Since file systems record every event of a system, forensic tools may be used to process information related to user environment, buffer overflows, trace conditions, network stack, etc.
Prerequisites: CYBD100M, CIS102M, CIS103M.
CYBD215M - PC Forensics (3-3-4)
This course explores advanced topics and methodologies for examining digital evidence. Topics taught in this class include File System Forensics, Computer Operating System Forensics and Large System Forensics. Students are challenged to work individually and in groups to examine and prepare detailed reports showing the relevance of digital evidence to mock cases. This course presents a higher level of technical detail and will balance theory and hands-on aspects for conducting digital forensic examinations.
This course provides students with the knowledge of security concepts, tools and procedures that will enable them to react to security incidents, allow them to create procedures ensuring security personnel can anticipate computer and computer network related security risks and guard against them. Potential roles include security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator and network administrator.
CYBD225M - Cybersecurity Internship (1-8-3)
This course involves a cooperative intern program of no less than 120 hours of work experience in the field relating to the student’s selected field of study within the Computer Science Department. The college coordinator and the organization’s work supervisor evaluate students’ work experience and achievements. Students meet to prepare a resume and cover letter and to discuss and analyze their experiences.
Prerequisite: CYBD200M or CYBD220M.
CYBD230M - Mobile and Emerging Device Analysis (3-3-4)
This course explores Mobile Device Analysis where students learn methodologies for extraction of date stored on mobile devices. Students are challenged to work individually and in groups to examine and prepare detailed reports showing the relevance of digital evidence to mock cases. This course presents a higher level of technical detail and will balance theory and hands-on aspects for conducting the analysis of mobile devices. Upon completion of the course, students will understand how and where different platforms stores their data and the techniques to understand how the tools available differ in the amount and types information they will extract from mobile devices. The course employs hands-on real world practical scenarios; students will have the opportunity to perform extractions and analysis on mobile devices.
This course is the culmination of the knowledge gained throughout the Cybersecurity Investigations program tying together all aspects of the program while introducing methods of remote monitoring and information gathering.
Prerequisites: CYBD200M or CYBD210M, or CYBD215M or CYBD220M.