Syllabus for CYB-441
Network Forensics investigates networks from a digital forensics perspective. It explores application of techniques used in forensic investigations to collect and analyze information from computer networks in response to network intrusions. The course includes analysis of network traffic, identification of threats and vulnerabilities, and evaluation of effects on the system.
After completing this course, students should be able to:
CO1 Describe potential system attacks and the actors who might perform them.
CO2 Compare and contrast the resources and motivations of bad actors in cyberspace.
CO3 Examine the architecture of a particular system in order to identify vulnerabilities and risks.
CO4 Determine the appropriate measures to respond to a system compromise.
CO5 Analyze common security failures.
CO6 Track the packets involved in a simple TCP connection or a trace of such a connection.
CO7 Use a network monitoring tool and network mapping tool to investigate a suspected compromise.
You will need the following materials to do the work of the course. The required textbook is available from the University’s textbook supplier, MBS Direct.
Note about Infosec Learning Labs
In completing your coursework, you will be using Infosec Learning Labs, a virtual platform that contains interactive labs, which provide you with a real-world application and hands-on learning experience to practice various cybersecurity skills and concepts.
To access the labs, visit the Infosec section of the course website. When you click the Infosec Learning Labs link in your course for the first time, you will be redirected to an account setup page. You will be asked for some basic information to create your account and then make a payment. The price covers all labs needed for this course and access for six months.
Network Forensics is a three-credit, online course consisting of six modules. Modules include an overview, topics, learning objectives, study materials, and activities. Module titles are listed below.
For your formal work in the course, you are required to participate in online discussion forums, complete written assignments, complete InfoSec Learning Labs, and complete a final project. See below for details.
Consult the Course Calendar for due dates.
One or more of your course activities may utilize a tool designed to promote original work and evaluate your submissions for plagiarism. More information about this tool is available in this document.
In addition to an ungraded Introductions Forum, you are required to participate in six graded online class discussions.
Communication with your mentor and among fellow students is a critical component of online learning. Participation in online class discussions involves two distinct activities: an initial response to a discussion question and at least two subsequent comments on classmates' responses.
All of these responses must be substantial. Meaningful participation is relevant to the content, adds value, and advances the discussion. Comments such as "I agree" and "ditto" are not considered value-adding participation. Therefore, when you agree or disagree with a classmate or your mentor, state and support your position.
You will be evaluated on the quality and quantity of your participation, including your use of relevant course information to support your point of view, and your awareness of and responses to the postings of your classmates. Remember, these are discussions: responses and comments should be properly proofread and edited, mature, and respectful.
You are required to complete three written assignments. The written assignments are on a variety of topics associated with the course modules. For specific details, consult the individual course modules.
You are required to complete and submit results for five Infosec Learning Labs for this course.
Each lab is either 90 minutes or 120 minutes in duration, regulated by a timer. They are designed to be completed in one sitting to simulate a real experience, so you cannot save your progress to return later. For an optimal experience, use a Chrome web browser with an Internet connection to run the labs.
While completing each lab, take a screenshot toward the end. Then, write a 250- to 300-word reflection (1 page) that describes your overall impressions and experience of completing the lab. Include what you found to be the most difficult steps of the lab, anything that surprised you throughout the process, what you learned, and how the lab specifically relates to the course topics. Submit both the screenshot and your lab reflection to your mentor using the appropriate “Infosec Lab Results” link in Moodle. Your mentor will review your submissions and give you credit for each completed activity. Be sure to reference the Course Calendar for due dates.
Please see the Infosec Learning Labs section of the course website for further details and instructions. Consult the Course Calendar for due dates.
You are required to complete a three-part final project, demonstrating technical skills learned as part of this course. During Part 1, you will use WireShark to obtain a packet capture (pcap) and import the results. Part 2 requires you to analyze the data and present your analysis. Part 3 requires you to reflect on what you learned in the course as well as what you learned when using Wireshark.
Be sure to visit the Final Project area of the course website for full requirements, details, and instructions for this project. Consult the Course Calendar for due dates.
Your grade in the course will be determined as follows:
All activities will receive a numerical grade of 0–100. You will receive a score of 0 for any work not submitted. Your final grade in the course will be a letter grade. Letter grade equivalents for numerical grades are as follows:
To receive credit for the course, you must earn a letter grade of C or better (for an area of study course) or D or better (for a course not in your area of study), based on the weighted average of all assigned course work (e.g., exams, assignments, discussion postings).
To succeed in this course, take the following first steps:
Consider the following study tips for success:
Thomas Edison State University is committed to maintaining academic quality, excellence, and honesty. The University expects all members of its community to share the commitment to academic integrity, an essential component of a quality academic experience.
Students at Thomas Edison State University are expected to exhibit the highest level of academic citizenship. In particular, students are expected to read and follow all policies, procedures, and program information guidelines contained in publications; pursue their learning goals with honesty and integrity; demonstrate that they are progressing satisfactorily and in a timely fashion by meeting course deadlines and following outlined procedures; observe a code of mutual respect in dealing with mentors, staff, and other students; behave in a manner consistent with the standards and codes of the profession in which they are practicing; keep official records updated regarding changes in name, address, telephone number, or e-mail address; and meet financial obligations in a timely manner. Students not practicing good academic citizenship may be subject to disciplinary action including suspension, dismissal, or financial holds on records.
All members of the University community are responsible for reviewing the Academic Code of Conduct Policy in the University Catalog and online at www.tesu.edu.
Thomas Edison State University expects all of its students to approach their education with academic integrity—the pursuit of scholarly activity free from fraud and deception. All mentors and administrative staff members at the University insist on strict standards of academic honesty in all courses. Academic dishonesty undermines this objective. Academic dishonesty can take the following forms:
Thomas Edison State University is committed to helping students understand the seriousness of plagiarism, which is defined as using the work and ideas of others without proper citation. The University takes a strong stance against plagiarism, and students found to be plagiarizing are subject to discipline under the academic code of conduct policy.
If you copy phrases, sentences, paragraphs, or whole documents word-for-word—or if you paraphrase by changing a word here and there—without identifying the author, or without identifying it as a direct quote, then you are plagiarizing. Please keep in mind that this type of identification applies to Internet sources as well as to print-based sources. Copying and pasting from the Internet, without using quotation marks and without acknowledging sources, constitutes plagiarism. (For information about how to cite Internet sources, see Online Student Handbook > Academic Standards > Citing Sources.)
Accidentally copying the words and ideas of another writer does not excuse the charge of plagiarism. It is easy to jot down notes and ideas from many sources and then write your own paper without knowing which words are your own and which are someone else’s. It is more difficult to keep track of each and every source. However, the conscientious writer who wishes to avoid plagiarizing never fails to keep careful track of sources.
Always be aware that if you write without acknowledging the sources of your ideas, you run the risk of being charged with plagiarism.
Clearly, plagiarism, no matter the degree of intent to deceive, defeats the purpose of education. If you plagiarize deliberately, you are not educating yourself, and you are wasting your time on courses meant to improve your skills. If you plagiarize through carelessness, you are deceiving yourself.
For examples of unintentional plagiarism, advice on when to quote and when to paraphrase, and information about writing assistance, click the links provided below.
Examples of Unintentional Plagiarism
When to Quote and When to Paraphrase
Writing Assistance at Smarthinking
Acts of both intentional and unintentional plagiarism violate the Academic Code of Conduct.
If an incident of plagiarism is an isolated minor oversight or an obvious result of ignorance of proper citation requirements, the mentor may handle the matter as a learning exercise. Appropriate consequences may include the completion of tutorials, assignment rewrites, or any other reasonable learning tool in addition to a lower grade for the assignment or course. The mentor will notify the student and appropriate dean of the consequence by e-mail.
If the plagiarism appears intentional and/or is more than an isolated incident, the mentor will refer the matter to the appropriate dean, who will gather information about the violation(s) from the mentor and student, as necessary. The dean will review the matter and notify the student in writing of the specifics of the charge and the sanction to be imposed.
Possible sanctions include:
Copyright © 2019 by Thomas Edison State University. All rights reserved.