Course Listings

Cyberspace and Cybersecurity Foundations

DFC 610 | 6 Credits

Course Desc: Prerequisite: CBR 600. Gain knowledge of the foundations of cybersecurity, and apply cyber methodologies to cyber architecture, services, protocols, algorithms, hardware and software components, and programming languages. Become familiar with the important role that business continuity planning, security management practices, security architecture, operations security, and physical security play in cybersecurity. Explore the impact of cyber terrorism and national security on cybersecurity. Gain hands-on, real-world experience with state-of-the-art tools and technologies in a lab-intensive environment. Students may receive credit for only one of the following courses: DFC 610 or CST 610.

Digital Forensics Technology and Practices

DFC 620 | 6 Credits

Course Desc: Prerequisite: DFC 610. Gain proficiency with the tools and technologies commonly used in forensic examinations and utilize best practices. Explore procedures for securing and validating evidence, including digital media and physical memory, as well as recovering artifacts and analyzing, reporting, and presenting results in both criminal and civil situations. Gain experience with mobile forensic analysis. Students may receive credit for only one of the following courses: CST 640 or DFC 620.

Digital Forensic Response and Analysis

DFC 630 | 6 Credits

Course Desc: Prerequisite: DFC 620. Utilize tools and techniques in digital forensic investigations involving workstation and mobile platforms. Practice forensic artifact reconstruction and recovery from the file systems of different operating systems, including Windows, Linux, and Macintosh.

Advanced Forensics

DFC 640 | 6 Credits

Course Desc: Prerequisite: DFC 630. Assume the role of a digital forensics professional. Collect and preserve network, server, and cloud-based evidence, and apply analysis techniques. Solve technical challenges such as evidentiary volume and encryption, as well as nontechnical challenges such as jurisdiction and distance in situation-based response scenarios and activities.

Digital Forensics and Cyber Investigation Foundations

DFCS 605 | 3 Credits

Course Desc: A project-based introduction to digital forensics and cyber investigation supporting the collection, examination, analysis and reporting of incidents and cybercrimes. The objective is to participate in data and evidence processing while preserving the integrity of the information and maintaining a strict chain of custody. Topics include online evidence collection, incident response, legal frameworks, cyber-attack investigation, and specialized tools and methodologies used in cyber investigations.

Collection and Examination of Digital Evidence

DFCS 615 | 3 Credits

Course Desc: A hands-on introduction to the data collection and examination phases associated with digital evidence processing. The objective is to identify data, create and analyze forensic images, and use appropriate tools and techniques to support a cybercrime investigation. Topics include data extraction from computer and file systems, mobile phones, storage media, and electronic documents, securing digital evidence, and root cause analysis.

Windows Forensics and Security

DFCS 625 | 3 Credits

Course Desc: A hands-on examination of the tools, procedures, techniques, and data associated with an incident response or cyber investigation on a Windows system. The objective is to use appropriate forensic tools to recover, preserve, and analyze data while identifying threats and improving the security posture and policies of an organization. Topics include Windows operating systems; Windows file systems; forensic tools and techniques; registry, email, and browser forensics; Windows logs; and anti-forensics techniques.

Linux Forensics and Security

DFCS 635 | 3 Credits

Course Desc: A project-based study on how to identify, analyze, and respond to attacks on Linux-based operating systems. The objective is to build forensic analysis and incident response skills through the use of tools to discover evidence of advanced persistent threats and other attacks. Topics include intrusion detection/intrusion prevention, log aggregation and analysis, virtualization, O/S hardening, penetration testing, and Linux file systems.

Cloud and Network Forensics

DFCS 645 | 3 Credits

Course Desc: ¿¿A hands-on examination of the tools and procedures associated with conducting a forensic analysis of network or cloud network incidents. The objective is to collect, examine, and preserve digital evidence and artifacts associated with a network-based cyberattack or incident. Topics include forensic tools and techniques, network monitoring and defense, incident response, intrusion detection/prevention systems, log analysis, cloud computing, and cryptography.

Advanced Log Analysis

DFCS 655 | 3 Credits

Course Desc: A lab-based, hands-on study of the tools and processes used to efficiently extract, arrange, analyze, and manage log files from a variety of applications, devices, and systems. The goal is to process and examine log files to identify tactics, techniques, and procedures used by an adversary as part of a cyberattack or incident. Topics include log analysis, log management, threat detection, auditing, cybersecurity artifacts, security incidents and intrusions, and security information and event management (SIEM) systems and tools.

Network Intrusions

DFCS 660 | 3 Credits

Course Desc: ¿¿A hands-on evaluation of the tools and processes used to defend a cloud-based or traditional network against evolving and persistent threats. The objective is to examine network traffic and logs to correlate events while supporting threat hunting and defense against network attacks. Topics include secure network architecture, network protocols, packet analysis, network intrusion detection and prevention, log analysis, network scanning tools, attack vectors, threat hunting, and network forensics.¿

Digital Forensics Case Management and Reporting

DFCS 665 | 3 Credits

Course Desc: A hands-on study of case management and reporting processes, tools, and best practices associated with digital forensics and cyber investigations. The aim is to create and efficiently manage, update, and report on digital forensic cases while sharing results and collaborating with other investigators. Topics include digital forensics case and report management, malware information sharing platforms (MISP), case management tools, digital forensics knowledge base, notification and alert management, and case management statistics.

Legal, Ethical, and Regulatory Requirements for Digital Forensics

DFCS 685 | 3 Credits

Course Desc: A study of the legal, ethical, and regulatory requirements associated with conducting digital forensics and cyber investigations. The objective is to apply appropriate legal and ethical frameworks and processes while reporting cybercrimes and collecting and using digital evidence. Topics include digital forensics relevant to federal, state, and international regulations and statutes on expert witnesses, digital search warrants, digital evidence policies and procedures, codes of ethics, breach notification requirements, and emerging legal issues and policies.

Workplace Learning in Digital Forensics and Cyber Investigation

DFCS 686 | 3 Credits

Course Desc: ¿¿Prerequisites: 12 graduate credits in the program and prior program approval (requirements detailed online at umgc.edu/wkpl). The integration of discipline-specific knowledge with new experiences in the work environment. Tasks include completing a series of academic assignments that parallel work experiences.¿

Digital Forensics and Cyber Investigation Capstone

DFCS 690 | 3 Credits

Course Desc: Prerequisite: 24 credits of program coursework, including all course courses. A project-based examination of advanced digital forensics and incident response techniques using appropriate tools applied to real-world scenarios. The goal is to identify forensic evidence and artifacts resulting from a cyberattack or incident. Topics include software reverse engineering, malware and malicious code analysis, use of binary analysis tools, memory forensics, ethical hacking, and secure programming practices.