Return to previous page

SIT703 - Advanced Digital Forensics

Unit details

Year2016 unit information
Enrolment modes:Trimester 2: Burwood (Melbourne), Cloud (online)
Credit point(s):1
EFTSL value:0.125
Unit chair:

Lei Pan

Prerequisite:

Nil

Corequisite:

Nil

Incompatible with:

Nil

Contact hours:

Campus: 1 x 2 hour class per week (week 1 – 6, week 11). 1 x 2 hour practical per week (week 1-6). 1 x 3 hour practical per week (week 7-11).

Cloud (online): Learning experiences are via CloudDeakin. Students will have the opportunity to participate in online consultation sessions.

Content

This unit will allow the student to explore various options available to organisations in investigating problems and attacks on their computer systems. Students will consider a variety of different computer forensic frameworks and generate their own framework in order to assist organisations with systematically documenting, analysing and solving identified issues. In SIT703, students will be able to develop mastery into exploitation techniques including shellcode, DLL hooking and authentication eavesdrop. They will learn how to use Windows system log files, Windows domain authentication and registry mechanisms to acquire digital evidence. They will also develop knowledge of identifying the existence of rootkits and learn how to prevent attacks. The key focus of SIT703 is on identification, preservation, analysis and presentation of digital evidence related to a misuse or intrusion to an enterprise-level system.

Assessment

Technical report 20%, case investigation report 20%, examination 60%

Return to previous page