Dr. Melissa Danforth

Computer and Electrical Engineering and Computer Science Department
California State University, Bakersfield

Skip navigation links

CMPS 340 Introduction to Digital Forensics - Sections 1 and 2 - Spring 2013
Course meets MWF 2:00-3:10pm in Sci III 240 and Th 12:45-3:15pm in Sci III 315

NOTE: The lab meets in a different room than the lecture. There is another class in Rm 240 on Thursdays, so be sure to come to Rm 315 on Thursdays.

Course Description
Investigative techniques, evidence handling procedures, forensic tools, digital crime reconstruction, and legal guidelines. Case studies cover a range of hardware and software platforms.
None (CMPS 215 or a good working knowledge of Unix is recommended)
ACM/IEEE Body of Knowledge Topics
CC-OS7: Security and protection
CC-NC6: Network management
CC-SP4: Professional and ethical responsibilities
CC-SP5: Risks and liabilities of computer-based systems
CC-SP8: Computer crime
Incident Response and Computer Forensics, Second Edition by Chris Prosise, Kevin Mandia, and Matt Pepe; McGraw-Hill; ISBN-10: 007222696X ; ISBN-13: 978-0072226966
Addtional Course Notes
This course is an introduction to digital forensic science for Computer Science, GINS, and Criminal Justice majors and for law enforcement professionals. CMPS 340 is an elective in the Computer Information Track leading to a B.S. degree in Computer Science and is one of the analytical tools courses in the B.A. in Global Intelligence and National Security (GINS).

The focus of the course is on the investigation, analysis and response to computer crime incidents. Major topics include relevant electronic evidence, probable cause, limits of warrants, chain of custody, the forensics investigation process, and forensics tools within the context of digital information. Through hands-on case studies, students will learn how to gather evidence and to reconstruct criminally liable actions using a variety of digital forensic tools. The lecture component of the course will cover the legal and ethical implications of investigation, along with the technical aspects.

Course Recommendations
Several labs will involve Unix/Linux. It is strongly recommended that you take CMPS 150, a 1-unit course on Unix offered during the first week of the quarter. This course is CR/NC and will walk you through the basics of Unix. If you do not have a unit free in your schedule and you are not familiar with Unix/Linux, then you should review Labs 1 and 2 of CMPS 150 (and the videos on those labs) in the first week of this course. You may view the videos and assignments for CMPS 150 at http://www.cs.csubak.edu/cs150

A working knowledge of how to install, configure, use and troubleshoot Windows and/or Unix software is also recommended.

Moodle Link
The direct link to the course on Moodle is http://moodle.cs.csubak.edu/moodle/course/view.php?id=70