Syllabus for CYB-441

NETWORK FORENSICS


COURSE DESCRIPTION

Network Forensics investigates networks from a digital forensics perspective. It explores application of techniques used in forensic investigations to collect and analyze information from computer networks in response to network intrusions. The course includes analysis of network traffic, identification of threats and vulnerabilities, and evaluation of effects on the system.

COURSE TOPICS

COURSE OBJECTIVES

After completing this course, students should be able to:

CO1        Describe potential system attacks and the actors who might perform them.

CO2        Compare and contrast the resources and motivations of bad actors in cyberspace.

CO3        Examine the architecture of a particular system in order to identify vulnerabilities and risks.

CO4        Determine the appropriate measures to respond to a system compromise.

CO5        Analyze common security failures.

CO6        Track the packets involved in a simple TCP connection or a trace of such a connection. 

CO7        Use a network monitoring tool and network mapping tool to investigate a suspected compromise. 

COURSE MATERIALS

You will need the following materials to complete your coursework. Some course materials may be free, open source, or available from other providers. You can access free or open-source materials by clicking the links provided below or in the module details documents. To purchase course materials, please visit the University's textbook supplier.

Required Textbook

ISBN-13: 978-1119328285

Note about Infosec Learning Labs

In completing your coursework, you will be using Infosec Learning Labs, a virtual platform that contains interactive labs, which provide you with a real-world application and hands-on learning experience to practice various cybersecurity skills and concepts. 

To access the labs, visit the Infosec section of the course website. When you click the Infosec Learning Labs link in your course for the first time, you will be redirected to an account setup page. You will be asked for some basic information to create your account and then make a payment. The price covers all labs needed for this course and access for six months.

COURSE STRUCTURE

Network Forensics is a three-credit, online course consisting of six modules. Modules include an overview, topics, learning objectives, study materials, and activities. Module titles are listed below.

ASSESSMENT METHODS

For your formal work in the course, you are required to participate in online discussion forums, complete written assignments, complete InfoSec Learning Labs, and complete a final project. See below for details.

Consult the Course Calendar for due dates.

Promoting Originality

One or more of your course activities may utilize a tool designed to promote original work and evaluate your submissions for plagiarism. More information about this tool is available in this document.

Discussion Forums

In addition to an ungraded Introductions Forum, you are required to participate in six graded online class discussions.

Communication with your mentor and among fellow students is a critical component of online learning. Participation in online class discussions involves two distinct activities: an initial response to a discussion question and at least two subsequent comments on classmates' responses.

All of these responses must be substantial. Meaningful participation is relevant to the content, adds value, and advances the discussion. Comments such as "I agree" and "ditto" are not considered value-adding participation. Therefore, when you agree or disagree with a classmate or your mentor, state and support your position.

You will be evaluated on the quality and quantity of your participation, including your use of relevant course information to support your point of view, and your awareness of and responses to the postings of your classmates. Remember, these are discussions: responses and comments should be properly proofread and edited, mature, and respectful.

Written Assignments

You are required to complete three written assignments. The written assignments are on a variety of topics associated with the course modules. For specific details, consult the individual course modules.

InfoSec Learning Labs

You are required to complete and submit results for five Infosec Learning Labs for this course.

Each lab is either 90 minutes or 120 minutes in duration, regulated by a timer. They are designed to be completed in one sitting to simulate a real experience, so you cannot save your progress to return later. For an optimal experience, use a Chrome web browser with an Internet connection to run the labs.

While completing each lab, take a screenshot toward the end. Then, write a 250- to 300-word reflection (1 page) that describes your overall impressions and experience of completing the lab. Include what you found to be the most difficult steps of the lab, anything that surprised you throughout the process, what you learned, and how the lab specifically relates to the course topics. Submit both the screenshot and your lab reflection to your mentor using the appropriate “Infosec Lab Results” link in Moodle. Your mentor will review your submissions and give you credit for each completed activity. Be sure to reference the Course Calendar for due dates.

 

Please see the Infosec Learning Labs section of the course website for further details and instructions. Consult the Course Calendar for due dates.

Final Project

You are required to complete a three-part final project, demonstrating technical skills learned as part of this course. During Part 1, you will use WireShark to obtain a packet capture (pcap) and import the results. Part 2 requires you to analyze the data and present your analysis. Part 3 requires you to reflect on what you learned in the course as well as what you learned when using Wireshark.

Be sure to visit the Final Project area of the course website for full requirements, details, and instructions for this project. Consult the Course Calendar for due dates.

GRADING AND EVALUATION

Your grade in the course will be determined as follows:

All activities will receive a numerical grade of 0–100. You will receive a score of 0 for any work not submitted. Your final grade in the course will be a letter grade. Letter grade equivalents for numerical grades are as follows:

A

=

93–100

C+

=

78–79

A–

=

90–92

C

=

73–77

B+

=

88–89

C–

=

70–72

B

=

83–87

D

=

60–69

B–

=

80–82

F

=

Below 60

To receive credit for the course, you must earn a letter grade of C or better (for an area of study course) or D or better (for a course not in your area of study), based on the weighted average of all assigned course work (e.g., exams, assignments, discussion postings).

STRATEGIES FOR SUCCESS

First Steps to Success

To succeed in this course, take the following first steps:

Study Tips

Consider the following study tips for success:

ACADEMIC POLICIES

To ensure success in all your academic endeavors and coursework at Thomas Edison State University, familiarize yourself with all administrative and academic policies including those related to academic integrity, course late submissions, course extensions, and grading policies.

For more, see:

Copyright © 2019 by Thomas Edison State University. All rights reserved.