Cyberspace and Cybersecurity Foundations
DFC 610 | 6 Credits
Course Desc: Prerequisite: CBR 600. Gain knowledge of the foundations of cybersecurity, and apply cyber methodologies to cyber architec¬tures, services, protocols, algorithms, hardware and software components, and programming languages. Become familiar with the important role that business continuity planning, security man¬agement practices, security architecture, operations security, and physical security play in cybersecurity. Explore the impact of cyber terrorism and national security on cybersecurity. Gain hands-on, real-world experience with state-of-the-art tools and technologies in a lab-intensive environment. Students may receive credit for only one of the following courses: DFC 610 or CST 610.
Digital Forensics Technology and Practices
DFC 620 | 6 Credits
Course Desc: Prerequisite: DFC 610. Gain proficiency with the tools and technologies commonly used in forensic examinations and utilize best practices. Explore procedures for securing and validating evidence, including digital media and physical memory, as well as recovering artifacts and analyzing, reporting, and presenting results in both criminal and civil situations. Gain experience with mobile forensic analysis. Students may receive credit for only one of the following courses: CST 640 or DFC 620.
Digital Forensic Response and Analysis
DFC 630 | 6 Credits
Course Desc: Prerequisite: DFC 620. Utilize tools and techniques in digital forensic investigations involving workstation and mobile platforms. Practice forensic artifact reconstruction and recovery from the file systems of different operating systems, including Windows, Linux, and Macintosh.
Advanced Forensics
DFC 640 | 6 Credits
Course Desc: Prerequisite: DFC 630. Assume the role of a digital forensics professional. Collect and preserve network, server, and cloud-based evidence, and apply analysis techniques. Solve technical challenges such as evidentiary volume and encryption, as well as nontechnical challenges such as jurisdiction and distance in situation-based response scenarios and activities.
Collection and Examination of Digital Evidence
DFCS 615 | 3 Credits
Course Desc: A hands-on introduction to the data collection and examination phases associated with digital evidence processing. The objective is to identify data, create and analyze forensic images, and use appropriate tools and techniques to support a cybercrime investigation. Topics include data extraction from computer and file systems, mobile phones, storage media, and electronic documents, securing digital evidence, and root cause analysis.
Windows Forensics and Security
DFCS 625 | 3 Credits
Course Desc: A hands-on examination of the tools, procedures, techniques, and data associated with an incident response or cyber investigation on a Windows system. The objective is to use appropriate forensic tools to recover, preserve, and analyze data while identifying threats and improving the security posture and policies of an organization. Topics include Windows operating systems; Windows file systems; forensic tools and techniques; registry, email, and browser forensics; Windows logs; and anti-forensics techniques.
Linux Forensics and Security
DFCS 635 | 3 Credits
Course Desc: ¿¿A project-based study on how to identify, analyze, and respond to attacks on Linux-based operating systems. The objective is to build forensic analysis and incident response skills through the use of tools to discover evidence of advanced persistent threats and other attacks. Topics include intrusion detection/intrusion prevention, log aggregation and analysis, virtualization, O/S hardening, penetration testing, and Linux file systems.¿
Cloud and Network Forensics
DFCS 645 | 3 Credits
Course Desc: ¿¿A hands-on examination of the tools and procedures associated with conducting a forensic analysis of network or cloud network incidents. The objective is to collect, examine, and preserve digital evidence and artifacts associated with a network-based cyberattack or incident. Topics include forensic tools and techniques, network monitoring and defense, incident response, intrusion detection/prevention systems, log analysis, cloud computing, and cryptography.
Advanced Log Analysis
DFCS 655 | 3 Credits
Course Desc: A lab-based, hands-on study of the tools and processes used to efficiently extract, arrange, analyze, and manage log files from a variety of applications, devices, and systems. The goal is to process and examine log files to identify tactics, techniques, and procedures used by an adversary as part of a cyberattack or incident. Topics include log analysis, log management, threat detection, auditing, cybersecurity artifacts, security incidents and intrusions, and security information and event management (SIEM) systems and tools.
Network Intrusions
DFCS 660 | 3 Credits
Course Desc: ¿¿A hands-on evaluation of the tools and processes used to defend a cloud-based or traditional network against evolving and persistent threats. The objective is to examine network traffic and logs to correlate events while supporting threat hunting and defense against network attacks. Topics include secure network architecture, network protocols, packet analysis, network intrusion detection and prevention, log analysis, network scanning tools, attack vectors, threat hunting, and network forensics.¿
Digital Forensics Case Management and Reporting
DFCS 665 | 3 Credits
Course Desc: A hands-on study of case management and reporting processes, tools, and best practices associated with digital forensics and cyber investigations. The aim is to create and efficiently manage, update, and report on digital forensic cases while sharing results and collaborating with other investigators. Topics include digital forensics case and report management, malware information sharing platforms (MISP), case management tools, digital forensics knowledge base, notification and alert management, and case management statistics.
Legal, Ethical, and Regulatory Requirements for Digital Forensics
DFCS 685 | 3 Credits
Course Desc: A study of the legal, ethical, and regulatory requirements associated with conducting digital forensics and cyber investigations. The objective is to apply appropriate legal and ethical frameworks and processes while reporting cybercrimes and collecting and using digital evidence. Topics include digital forensics relevant to federal, state, and international regulations and statutes on expert witnesses, digital search warrants, digital evidence policies and procedures, codes of ethics, breach notification requirements, and emerging legal issues and policies.
Workplace Learning in Digital Forensics and Cyber Investigation
DFCS 686 | 3 Credits
Course Desc: ¿¿Prerequisites: 12 graduate credits in the program and prior program approval (requirements detailed online at umgc.edu/wkpl). The integration of discipline-specific knowledge with new experiences in the work environment. Tasks include completing a series of academic assignments that parallel work experiences.¿
Digital Forensics and Cyber Investigation Capstone
DFCS 690 | 3 Credits
Course Desc: Prerequisite: 24 credits of program coursework, including all course courses. A project-based examination of advanced digital forensics and incident response techniques using appropriate tools applied to real-world scenarios. The goal is to identify forensic evidence and artifacts resulting from a cyberattack or incident. Topics include software reverse engineering, malware and malicious code analysis, use of binary analysis tools, memory forensics, ethical hacking, and secure programming practices.
To check other courses, please check our course information page.