This is tentative outline for the Digital Forensics class. (Subject ot change)
(Syllabus #1)
Introduction to Digital Forensics and Network Analysis
Learn enough about digital forensics and
network analysis to decide if this is a career path for you.
Course Description
Prerequisites?
This class is a follow-on Fundamental of Cyber or Principle of Forensics.
I. Introduction to Digital Forensics
Definition of digital forensics
Importance of digital forensics in law enforcement and cybersecurity
Ethics and legal considerations in digital forensics
II. Digital Evidence
Types of digital evidence
Collection and preservation of digital evidence
Chain of custody
III. Digital Crime and Cybersecurity
Types of digital crimes (e.g. hacking, identity theft)
Common cybersecurity threats (e.g. malware, phishing)
IV. Computer Systems and Networks
Basic computer architecture and operating systems
Computer networks and network protocols
Network security and intrusion detection
V. Mobile Device Forensics
Types of mobile devices and operating systems
Collection and analysis of mobile device data
VI. Computer Forensics
Data recovery and analysis
File systems and partitions
Steganography and cryptography
VII. Network Forensics
Network traffic analysis
Network protocols and packet analysis
Investigating network intrusions
VIII. Presentation and Reporting
Documenting and reporting findings
Testifying in court
IX. Emerging Trends in Digital Forensics
New technologies and techniques in digital forensics
Current issues and challenges in digital forensics
Note that this is just a sample outline and actual course content
and order may vary depending on the specific high school program and instructor.
It's important to ensure that students have a strong work ethic.
This is tentative outline for the Digital Forensics class. (subject to change)
This class teaches: (Syllabus #2)
Introduction to Digital Forensics and Network Analysis
Learn enough about digital forensics and network analysis
to decide if this is a career path for you.
Course Description
Prerequisites?
This class is a follow-on Fundamental of Cyber or Principle of Forensics.
Digital Forensics Principles
Incident Response Procedures
Disk Recovery and Analysis
Network Packet Capture and Analysis
Basic Memory Capture and Analysis
Advanced Searching Techniques
Security Principles and Ethics
Computer Math
Steganography
Ciphers and Codes
Learning HTML and PHP programming
Students need to have basic knowledge and skills taught in the Introduction to Computers and Security class. The class is intended for teens in high school or middle school. Several students as young as 11 years old have successfully completed this course.
Course curriculum
1
Assignment - Introduction to Forensics
Quiz - Introduction to Forensics
2
Computer Math and Numbers
Bytes and Bits
Eight Bits Equals 255
Quiz - Binary
Numbering Systems
Quiz - Numbering Systems
Character Sets and Unicode
Assignment - Character Sets and Unicode
Windows Character Map
Assignment - Character Map
Colors Represented as Numbers
Assignment - Color Picker
Quiz - Color Picker
Magic Numbers
3
Forensics Drive Image Collection and Analysis
Install FTK Imager
Assignment - Install FTK
Collect Drive Image
Open SD Drive Image with Autopsy
Drive Image Analysis with Autopsy
Extracting a Deleted File from a Drive Image
4
Forensics Memory Capture and Analysis
Memory Capture with FTK and Analysis with Strings
Memory Analysis with Volatility
Memory Capture and Analysis with Redline
Memory Analysis with Redline Continued
5
Network Analysis
Introduction to Network Analysis
Wireshark Menus
Wireshark Statistics and Columns
Assignment - Installation and familiarization of Wireshark
Wireshark Packet Layers
Wireshark Stream TCP Session
Capturing Packets with Wireshark
Capturing Packets with TCPDUMP
Viewing TCPDUMP Packet Capture with Wireshark
Span Port Capture of FTP with Wireshark
SCP File Transfer
Viewing FTP Wireshark and Extracting a Photo
Wireshark Analysis of FTP PUT command
Assignment - Working with a Packet Capture
Quiz - Packet Capture (based on the pcap file in the previous assignment)
6
Steganography and Ciphers
Introduction to Steganography and Ciphers
Steganography Example
Cipher Examples
Substitutions, Shifts, and Pads
Steganogrpahy Tools
7
LAMP - Linux, Apache, PHP, and MySQL
Learn how to use a free cyber range.
HTML Coding
Using PHP on Linux
PHP Coding
Learn about MySQL
can you provide me a outline of a digital Forensics
Sure! Here's a general outline of the digital forensics process:
Identification: Identify the scope of the investigation and the systems and devices that will be analyzed.
Preservation: Preserve the evidence by creating a forensic image of the original data without modifying it in any way.
Analysis: Analyze the forensic image to find evidence that can be used in the investigation. This may include analyzing files, logs, and other system artifacts.
Reconstruction: Reconstruct the events that led up to the incident, based on the evidence found during the analysis phase.
Reporting: Document the findings of the investigation in a report that can be used by legal or law enforcement officials.
Presentation: Present the findings in a way that is clear and easy to understand, often as part of a court proceeding.
It's worth noting that the exact steps and process of digital forensics may vary depending on the specific case and the tools and techniques used by the forensic examiner. Additionally, digital forensics can be a time-consuming process that requires specialized expertise, so it's often best to consult with a professional if you need assistance.
jcusack1@kleinisd.net
High school curriculum for digital forensics
Digital forensics is a highly specialized field that requires a strong foundation in computer science, mathematics, and forensic science. Here is a possible curriculum for a high school student interested in pursuing digital forensics:
Computer Science: Take courses in computer science, including programming, data structures, algorithms, and computer networking. These courses will provide a solid foundation for understanding how computer systems work, which is essential for digital forensics.
Mathematics: Take courses in mathematics, including calculus, statistics, and discrete mathematics. These courses will provide a strong background in mathematical concepts, which are important for analyzing digital evidence.
Forensic Science: Take courses in forensic science, including forensic biology, chemistry, and physics. These courses will provide an understanding of how forensic science works and how it applies to digital forensics.
Cybersecurity: Take courses in cybersecurity, including network security, cryptography, and cybercrime. These courses will provide an understanding of how to secure digital systems and how to investigate cybercrime.
Digital Forensics: Take courses specifically focused on digital forensics, including courses on computer forensics, mobile device forensics, and network forensics. These courses will provide an understanding of how to investigate digital evidence in a legal and ethical manner.
Internship or apprenticeship: Seek out internships or apprenticeships with organizations that specialize in digital forensics. This will provide hands-on experience in the field and exposure to the tools and techniques used by professionals.
Certification: Pursue industry certifications in digital forensics, such as the Certified Digital Forensics Examiner (CDFE) or the Certified Forensic Computer Examiner (CFCE). These certifications demonstrate expertise and can enhance job prospects in the field.
It's important to note that digital forensics is a rapidly evolving field, and new technologies and techniques are constantly emerging. Therefore, it's important to stay current with industry developments and continue learning throughout one's career.
Digital Forensics Code High School
https://codehs.com/curriculum/projects/proj-project-digital-forensics