Digital Forensics and Cyber Investigation Foundations
DFCS 605 | 3 Credits
Course Desc: A project-based introduction to digital forensics and cyber investigation supporting the collection, examination, analysis, and reporting of incidents and cybercrimes. The objective is to participate in data and evidence processing while preserving the integrity of the information and maintaining a strict chain of custody. Topics include online evidence collection, incident response, legal frameworks, cyberattack investigation, and specialized tools and methodologies used in cyber investigations. Students may receive credit for only one of the following courses: DFC 610 or DFCS 605.
Collection and Examination of Digital Evidence
DFCS 615 | 3 Credits
Course Desc: A hands-on introduction to the data collection and examination phases associated with digital evidence processing. The objective is to identify data, create and analyze forensic images, and use appropriate tools and techniques to support a cybercrime investigation. Topics include data extraction from computer and file systems, mobile phones, storage media, and electronic documents; securing digital evidence; and root cause analysis. Students may receive credit for only one of the following courses: DFC 610 or DFCS 615.
Windows Forensics and Security
DFCS 625 | 3 Credits
Course Desc: A hands-on examination of the tools, procedures, techniques, and data associated with an incident response or cyber investigation on a Windows system. The objective is to use appropriate forensic tools to recover, preserve, and analyze data while identifying threats and improving the security posture and policies of an organization. Topics include Windows operating systems; Windows file systems; forensic tools and techniques; registry, email, and browser forensics; Windows logs; and anti-forensics techniques. Students may receive credit for only one of the following courses: DFC 620 or DFCS 625.
Linux Forensics and Security
DFCS 635 | 3 Credits
Course Desc: A project-based study on how to identify, analyze, and respond to attacks on Linux-based operating systems. The objective is to build forensic analysis and incident response skills through the use of tools to discover evidence of advanced persistent threats and other attacks. Topics include intrusion detection/intrusion prevention, log aggregation and analysis, virtualization, O/S hardening, penetration testing, and Linux file systems. Students may receive credit for only one of the following courses: DFC 620 or DFCS 635.
Cloud and Network Forensics
DFCS 645 | 3 Credits
Course Desc: A hands-on examination of the tools and procedures associated with conducting a forensic analysis of network or cloud network incidents. The objective is to collect, examine, and preserve digital evidence and artifacts associated with a network-based cyberattack or incident. Topics include forensic tools and techniques, network monitoring and defense, incident response, intrusion detection/prevention systems, log analysis, cloud computing, and cryptography. Students may receive credit for only one of the following courses: DFC 630 or DFCS 645.
Advanced Log Analysis
DFCS 655 | 3 Credits
Course Desc: A lab-based, hands-on study of the tools and processes used to efficiently extract, arrange, analyze, and manage log files from a variety of applications, devices, and systems. The goal is to process and examine log files to identify tactics, techniques, and procedures used by an adversary as part of a cyberattack or incident. Topics include log analysis, log management, threat detection, auditing, cybersecurity artifacts, security incidents and intrusions, and security information and event management (SIEM) systems and tools. Students may receive credit for only one of the following courses: DFC 630 or DFCS 655.
Network Intrusions
DFCS 660 | 3 Credits
Course Desc: A hands-on evaluation of the tools and processes used to defend a cloud-based or traditional network against evolving and persistent threats. The objective is to examine network traffic and logs to correlate events while supporting threat hunting and defense against network attacks. Topics include secure network architecture, network protocols, packet analysis, network intrusion detection and prevention, log analysis, network scanning tools, attack vectors, threat hunting, and network forensics. Students may receive credit for only one of the following courses: DFC 640 or DFCS 660.
Digital Forensics Case Management and Reporting
DFCS 665 | 3 Credits
Course Desc: A hands-on study of case management and reporting processes, tools, and best practices associated with digital forensics and cyber investigations. The aim is to create and efficiently manage, update, and report on digital forensic cases while sharing results and collaborating with other investigators. Topics include digital forensics case and report management, malware information sharing platforms (MISP), case management tools, digital forensics knowledge base, notification and alert management, and case management statistics. Students may receive credit for only one of the following courses: DFC 640 or DFCS 665.
Legal, Ethical, and Regulatory Requirements for Digital Forensics
DFCS 685 | 3 Credits
Course Desc: A study of the legal, ethical, and regulatory requirements associated with conducting digital forensics and cyber investigations. The objective is to apply appropriate legal and ethical frameworks and processes while reporting cybercrimes and collecting and using digital evidence. Topics include digital forensics relevant to federal, state, and international regulations and statutes on expert witnesses, digital search warrants, digital evidence policies and procedures, codes of ethics, breach notification requirements, and emerging legal issues and policies.
Workplace Learning in Digital Forensics and Cyber Investigation
DFCS 686 | 3 Credits
Course Desc: Prerequisites: 12 graduate credits in the program and prior program approval (requirements detailed online at umgc.edu/wkpl). The integration of discipline-specific knowledge with new experiences in the work environment. Tasks include completing a series of academic assignments that parallel work experiences.
Digital Forensics and Cyber Investigation Capstone
DFCS 690 | 3 Credits
Course Desc: Prerequisites: 24 credits of program coursework, including all core courses. A project-based examination of advanced digital forensics and incident response techniques using appropriate tools applied to real-world scenarios. The goal is to identify forensic evidence and artifacts resulting from a cyberattack or incident. Topics include software reverse engineering, malware and malicious code analysis, use of binary analysis tools, memory forensics, ethical hacking, and secure programming practices. Students may receive credit for only one of the following courses: CYB 670 or DFCS 690.
To check other courses, please check our course information page.