CMPS 340 Introduction to Digital Forensics -
Sections 1 and 2 - Spring 2013
Course meets MWF 2:00-3:10pm in Sci III 240 and
Th 12:45-3:15pm in Sci III 315
NOTE: The lab meets in a different room than the lecture. There is another
class in Rm 240 on Thursdays, so be sure to come to Rm 315 on Thursdays.
Investigative techniques, evidence handling procedures, forensic tools,
digital crime reconstruction, and legal guidelines. Case studies cover
a range of hardware and software platforms.
None (CMPS 215 or a good working knowledge of Unix is recommended)
ACM/IEEE Body of Knowledge Topics
CC-OS7: Security and protection
CC-NC6: Network management
CC-SP4: Professional and ethical responsibilities
CC-SP5: Risks and liabilities of computer-based systems
CC-SP8: Computer crime
Incident Response and Computer Forensics, Second Edition by Chris Prosise,
Kevin Mandia, and Matt Pepe; McGraw-Hill; ISBN-10: 007222696X ; ISBN-13:
Addtional Course Notes
This course is an introduction to digital forensic science for Computer
Science, GINS, and Criminal Justice majors and for law enforcement
CMPS 340 is an elective in the Computer Information Track leading to a B.S.
degree in Computer Science and is one of the analytical tools courses in the
B.A. in Global Intelligence and National Security (GINS).
The focus of the course is on the investigation, analysis and response to
computer crime incidents. Major topics include relevant electronic evidence,
probable cause, limits of warrants, chain of custody, the forensics
investigation process, and forensics tools within the context of digital
information. Through hands-on case studies, students will learn how to
gather evidence and to reconstruct criminally liable actions using a variety
of digital forensic tools. The lecture component of the course will cover the
legal and ethical implications of investigation, along with the technical
Several labs will involve Unix/Linux. It is strongly recommended that you take
CMPS 150, a 1-unit course on Unix offered during the first week of the
quarter. This course is CR/NC and will walk you through the basics of Unix.
If you do not have a unit free in your schedule and you are not familiar
with Unix/Linux, then you should review Labs 1 and 2 of CMPS 150 (and the
videos on those labs) in the first week of this course. You may view the
videos and assignments for
A working knowledge of how to install, configure, use and troubleshoot Windows
and/or Unix software is also recommended.
The direct link to the course on Moodle is