This module provides you with a basic course introduction, provides details to help you navigate the course and other requirements. Please make sure to look through each part. 

This course covers basic computer forensics including operating system diagnostics, the use of forensic toolkits to examine and validate computer activity and techniques for the proper collection, examination and preservation of forensic evidence. 

Learning Outcomes (LOs):

• Discuss the rules, laws, policies, and procedures that affect digital forensics.

• Demonstrate the proper use of one or more common digital forensics tools.

• Describe the steps in performing digital forensics from the initial recognition of an incident through the steps of evidence gathering, preservation and analysis, through the completion of legal proceedings.

In each module, you'll find Module Level Outcomes (MLOs). The MLOs show a relationship to the Learning Outcomes using a → character. Each assignment also contains the MLO you are expected to learn from completing it. Providing these details will help you understand why we are covering the material in each module and the purpose of each assignment. 

Not all software is required for this course. I'm sharing links to additional software you might be interested in learning to use outside of class time with you. I will denote the software required for the course using the ✶ character.  

VMware ✶

Microsoft Windows 10/11 ✶

Kali Linux ✶

Recently, VMware started offering VMware Fusion Pro and VMware Workstation Pro for free. Please read and follow the directions in this blog post to obtain the most recent version. 

https://blogs.vmware.com/teamfusion/2024/05/fusion-pro-now-available-free-for-personal-use.html

If you have issues setting up or running any software for this course, please attend office hours. I will help you get items installed and running correctly. Remember, this course is not about installing software, so be sure to contact me ASAP.

The goal of assistive and learning support services is to “level the playing field” to provide equal access to education for all at Leeward Community College. Accommodations given to students with disabilities in no way afford them an unfair advantage. Rather, they are in place to assist students with disabilities to overcome the disadvantages that would otherwise hinder their success.

Website: http://www.leeward.hawaii.edu/dso

Contact Information:

LC 213

Email:  leedso@hawaii.edu

Hours: Monday through Friday 8:00am to 4:00pm

Even though each module lists NetLabs to complete, each NetLab has a specific due date. This is because the NetLabs are mapped to the content being covered, and I want to make sure you complete them while we are focusing on the specific topic.

These write-ups should be well thought out and explain why this lab is important to a forensic investigation. A short one-line answer does not provide the in-depth details required. 

Please take a look at the examples below.

Example 1 (Poor): This NetLab is useful because it teaches basic commands on Kali to hide or view hidden files.

Example 2 (Good): The contents of this Netlab are essential to a forensic investigator because they teach us that files can be hidden by embedding them using free utilities. We also learned how to detect if there is a copy of a file that contains a hidden file or message by looking at ASCII strings. This can be done using the strings command in Linux. A more straightforward way of detection is to look at both files' file sizes (the original and the one with the hidden information). To hide a message in a picture, we first copied the picture and then created a test file that contained a short message. We then used the Steghide utility to hide the text file inside the picture file and set a password for protection. Once that was completed, we extracted it to see if it worked.

During this course, we will use Laulima's Discussion tool to hold conversations. While in the Forum, please make sure you follow these netiquette guidelines. Completing these discussions is a vital part of being successful in this course.

During each forum post, you must post your response and then at least two responses to your peers. These responses should be consistent throughout and not just generic. 

To familiarize yourself with the forum, please complete the self-introduction post by the end of the first week. Please change your profile picture so I can help put faces to your names. You will have to click on the "Home" tab in Laulima and select "Profile" to be able to change your picture.