Cyber Forensics
Duration
- One Semester or equivalent
Contact hours
- 150 contact hours - Swinburne Online
On-campus unit delivery combines face-to-face and digital learning. For Online unit delivery, learning is conducted exclusively online.
2023 teaching periods
| Swinburne Online Teaching Period 1 |
Swinburne Online Teaching Period 3 | |
|---|---|---|
Dates: Results: Last self enrolment: Census: Last withdraw without fail: |
Dates: Results: Last self enrolment: Census: Last withdraw without fail: |
Prerequisites
50 Credit PointsAims and objectives
This unit introduces students to the procedures that are used in relation to cyber forensics and digital investigations to detect cyber criminal activities, protect organisation from attack and prosecute perpetrators. Students will explore computer and operating system architectures, their associated data and file structures. The unit covers key procedures and processes involved in digital and cyber forensics. Students will conduct forensic processes, utilise and research a range of tools. A crucial aspect of this unit is that students will be able to communicate the results of investigations to non-specialist audiences.
Unit Learning Outcomes (ULO)
Students who successfully complete this unit will be able to:
Students who successfully complete this unit will be able to:
1. Explain computer architectures and concepts associated with data structures, the collection of evidence and validation
2. Critically review the different forensic tools and techniques to gather and analyse digital evidence
3. Report cyber forensic investigations and findings to key business stakeholders and decision makers
4. Use legal frameworks to explain and present forensically gathered evidence
2. Critically review the different forensic tools and techniques to gather and analyse digital evidence
3. Report cyber forensic investigations and findings to key business stakeholders and decision makers
4. Use legal frameworks to explain and present forensically gathered evidence
Unit information in detail
- Teaching methods, assessment and content.
Teaching methods
Swinburne Online
Type | Hours per week | Number of Weeks | Total |
| Online Directed Online Learning and Independent Learning | 12.5 | 12 | 150 |
TOTAL | 150 hours |
Assessment
Types | Individual/Group Role | Weighting | Unit Learning Outcomes (ULOs) |
| Assignment | Individual | 50-60% | 1,2,3,4 |
| Project | Individual | 40-50% | 1,2,3,4 |
Content
• Introduction to basic principles and concepts of the risk management, pivoting quickly to risk within the context of cybersecurity
• Assessing the impact of a cyber-attack on an organisation
• Risk assessment and modelling, and minimising attack surfaces and managing threat vectors
• Importance of useable security; ensuring that security controls and processes are sufficiently agile to adapt to changing threats and are appropriate to, and do not overwhelm business priorities and performance
• Introduction and application of established frameworks for assessing and managing risks: eg Australian Signals Directorate’s (ASD) Australian Government Information Security Manual (ISM), the US National Institute of Standards and Technology’s Cybersecurity Framework and the UK government’s Cyber Essentials
• Understanding and planning for risk associated with human factors in particular insider threat
• Social engineering
• Data and operational risk
• Integrating enterprise risk and cyber risk
• Inherent, current and residual risk
• Asset classification – the identification of Security Controls need to protect assets including data
• Reporting and communicating risk, risk mitigation strategies to stakeholders.
• Risk sharing
• Research methods
• Assessing the impact of a cyber-attack on an organisation
• Risk assessment and modelling, and minimising attack surfaces and managing threat vectors
• Importance of useable security; ensuring that security controls and processes are sufficiently agile to adapt to changing threats and are appropriate to, and do not overwhelm business priorities and performance
• Introduction and application of established frameworks for assessing and managing risks: eg Australian Signals Directorate’s (ASD) Australian Government Information Security Manual (ISM), the US National Institute of Standards and Technology’s Cybersecurity Framework and the UK government’s Cyber Essentials
• Understanding and planning for risk associated with human factors in particular insider threat
• Social engineering
• Data and operational risk
• Integrating enterprise risk and cyber risk
• Inherent, current and residual risk
• Asset classification – the identification of Security Controls need to protect assets including data
• Reporting and communicating risk, risk mitigation strategies to stakeholders.
• Risk sharing
• Research methods
Study resources
- Reading materials.
Reading materials
A list of reading materials and/or required texts will be made available in the Unit Outline.