UCD Home | About UCD | UCD News & Events | Virtual Tour | Contact UCD | Staff Directories | UCD Sitemap | UCD Connect

Module Information

 

COMP40800 Computer Forensics Foundations

This course covers basics of forensic analysis of a stand-alone computer system. The emphasis is on the analysis of personal computers running the Windows operating system.
The topics covered include:

  • Foundations: Time Standards & Data Representation
  • Sources of Evidence in Computer System
  • Volume & Partition forensics
  • FAT File System Forensics
  • NTFS File System forensics

In addition, the course includes one-day disk imaging and live forensics workshop during the examination period.

Completion of this module requires attendance in UCD for an examination and workshop.


LAW40860 Law for IT Investigators

This module deals with the legal framework governing the activities of persons involved in Information Technology security and forensics.
Topics covered will include:

  • Legal issues associated with securing networks (including penetration testing, legal obligations to store data / keep data secure);
  • Legal issues raised in the conduct of investigations (including the legality of network monitoring and employee surveillance, duties to report certain findings to the police, interaction with police investigations);
  • The role of digital evidence in litigation (including the use of discovery, Anton Piller orders and other court procedures, reliability and admissibility of digital evidence, implications of illegally and unconstitutionally obtained evidence).

This course will primarily reflect Irish and European law but, where relevant, comparison will be made with practice in other jurisdictions.


COMP40790 Application Forensics

This is the continuation of the introductory computer forensics module. It discusses in detail the analysing of user activity traces in Windows OS:
The topics covered include:

  • Introduction to core concepts of Windows Security Model and Configuration Management
  • Introduction to forensic analysis of Windows Registry
  • Introduction to forensic analysis of Windows File System Artifacts
  • Introduction to forensic analysis of Internet Application Traces

In addition to assignments, this module features a realistic investigation project.

Completion of this module requires attendance in UCD for an examination.


COMP40760 Investigative Techniques

This module covers the principles and practice of criminal investigation.
The topics covered include:

  • Crime scene search techniques and evidence handling
  • Interviewing suspects and witnesses
  • Developing hypotheses and keeping investigation logs
  • Preparing investigation reports and court testimony

Completion of this module requires attendance in UCD for an examination and workshop.

COMP40750 Corporate Investigations

This module comprises case studies covering major types of corporate investigations involving information technology.

In addition, students are required to perform investigation into a simulated case of information technology misuse.


COMP40770 Information Security

This module teaches students how to investigate crimes directed against computer systems and how to take advantage of information security mechanisms and policies during corporate investigations.
The topics covered include:

  • Stages and techniques of computer intrusion
  • Investigative tactics when investigating computer intrusions
  • Introduction to malware
  • Introduction to malware analysis
  • Information security standards
  • Information security policies
  • Forensic value of information security mechanisms

COMP40780 Digital Investigation Project

This module comprises an individual research project on a real-world topic in digital investigation. At the end of it, each student is expected to write a minor dissertation on the chosen research topic. The purpose of this exercise is to demonstrate the student's ability to conduct independent research and convey the knowledge discovered to colleagues.