Skip Navigation
top

Course Listings

Digital Forensics and Cyber Investigation Foundations

DFCS 605 | 3 Credits

Course Desc: A project-based introduction to digital forensics and cyber investigation supporting the collection, examination, analysis, and reporting of incidents and cybercrimes. The objective is to participate in data and evidence processing while preserving the integrity of the information and maintaining a strict chain of custody. Topics include online evidence collection, incident response, legal frameworks, cyberattack investigation, and specialized tools and methodologies used in cyber investigations. Students may receive credit for only one of the following courses: DFC 610 or DFCS 605.

Collection and Examination of Digital Evidence

DFCS 615 | 3 Credits

Course Desc: A hands-on introduction to the data collection and examination phases associated with digital evidence processing. The objective is to identify data, create and analyze forensic images, and use appropriate tools and techniques to support a cybercrime investigation. Topics include data extraction from computer and file systems, mobile phones, storage media, and electronic documents; securing digital evidence; and root cause analysis. Students may receive credit for only one of the following courses: DFC 610 or DFCS 615.

Windows Forensics and Security

DFCS 625 | 3 Credits

Course Desc: A hands-on examination of the tools, procedures, techniques, and data associated with an incident response or cyber investigation on a Windows system. The objective is to use appropriate forensic tools to recover, preserve, and analyze data while identifying threats and improving the security posture and policies of an organization. Topics include Windows operating systems; Windows file systems; forensic tools and techniques; registry, email, and browser forensics; Windows logs; and anti-forensics techniques. Students may receive credit for only one of the following courses: DFC 620 or DFCS 625.

Linux Forensics and Security

DFCS 635 | 3 Credits

Course Desc: A project-based study on how to identify, analyze, and respond to attacks on Linux-based operating systems. The objective is to build forensic analysis and incident response skills through the use of tools to discover evidence of advanced persistent threats and other attacks. Topics include intrusion detection/intrusion prevention, log aggregation and analysis, virtualization, O/S hardening, penetration testing, and Linux file systems. Students may receive credit for only one of the following courses: DFC 620 or DFCS 635.

Cloud and Network Forensics

DFCS 645 | 3 Credits

Course Desc: A hands-on examination of the tools and procedures associated with conducting a forensic analysis of network or cloud network incidents. The objective is to collect, examine, and preserve digital evidence and artifacts associated with a network-based cyberattack or incident. Topics include forensic tools and techniques, network monitoring and defense, incident response, intrusion detection/prevention systems, log analysis, cloud computing, and cryptography. Students may receive credit for only one of the following courses: DFC 630 or DFCS 645.

Advanced Log Analysis

DFCS 655 | 3 Credits

Course Desc: A lab-based, hands-on study of the tools and processes used to efficiently extract, arrange, analyze, and manage log files from a variety of applications, devices, and systems. The goal is to process and examine log files to identify tactics, techniques, and procedures used by an adversary as part of a cyberattack or incident. Topics include log analysis, log management, threat detection, auditing, cybersecurity artifacts, security incidents and intrusions, and security information and event management (SIEM) systems and tools. Students may receive credit for only one of the following courses: DFC 630 or DFCS 655.

Network Intrusions

DFCS 660 | 3 Credits

Course Desc: A hands-on evaluation of the tools and processes used to defend a cloud-based or traditional network against evolving and persistent threats. The objective is to examine network traffic and logs to correlate events while supporting threat hunting and defense against network attacks. Topics include secure network architecture, network protocols, packet analysis, network intrusion detection and prevention, log analysis, network scanning tools, attack vectors, threat hunting, and network forensics. Students may receive credit for only one of the following courses: DFC 640 or DFCS 660.

Digital Forensics Case Management and Reporting

DFCS 665 | 3 Credits

Course Desc: A hands-on study of case management and reporting processes, tools, and best practices associated with digital forensics and cyber investigations. The aim is to create and efficiently manage, update, and report on digital forensic cases while sharing results and collaborating with other investigators. Topics include digital forensics case and report management, malware information sharing platforms (MISP), case management tools, digital forensics knowledge base, notification and alert management, and case management statistics. Students may receive credit for only one of the following courses: DFC 640 or DFCS 665.

Legal, Ethical, and Regulatory Requirements for Digital Forensics

DFCS 685 | 3 Credits

Course Desc: A study of the legal, ethical, and regulatory requirements associated with conducting digital forensics and cyber investigations. The objective is to apply appropriate legal and ethical frameworks and processes while reporting cybercrimes and collecting and using digital evidence. Topics include digital forensics relevant to federal, state, and international regulations and statutes on expert witnesses, digital search warrants, digital evidence policies and procedures, codes of ethics, breach notification requirements, and emerging legal issues and policies.

Workplace Learning in Digital Forensics and Cyber Investigation

DFCS 686 | 3 Credits

Course Desc: Prerequisites: 12 graduate credits in the program and prior program approval (requirements detailed online at umgc.edu/wkpl). The integration of discipline-specific knowledge with new experiences in the work environment. Tasks include completing a series of academic assignments that parallel work experiences.

Digital Forensics and Cyber Investigation Capstone

DFCS 690 | 3 Credits

Course Desc: Prerequisites: 24 credits of program coursework, including all core courses. A project-based examination of advanced digital forensics and incident response techniques using appropriate tools applied to real-world scenarios. The goal is to identify forensic evidence and artifacts resulting from a cyberattack or incident. Topics include software reverse engineering, malware and malicious code analysis, use of binary analysis tools, memory forensics, ethical hacking, and secure programming practices. Students may receive credit for only one of the following courses: CYB 670 or DFCS 690.

To check other courses, please check our course information page.

Contact Us

Our helpful admissions advisors can help you choose an academic program to fit your career goals, estimate your transfer credits, and develop a plan for your education costs that fits your budget. If you're a current UMGC student, please visit the Help Center.

Personal Information
Contact Information
This is a required field.
Additional Information
This field is required.
This field is required.

By submitting this form, you acknowledge that you intend to sign this form electronically and that your electronic signature is the equivalent of a handwritten signature, with all the same legal and binding effect. You are giving your express written consent without obligation for UMGC to contact you regarding our educational programs and services using e-mail, phone, or text, including automated technology for calls and/or texts to the mobile number(s) provided. For more details, including how to opt out, read our privacy policy or contact an admissions advisor.

Please wait as we send your request.