Download presentation
Presentation is loading. Please wait.
Published byEmory Washington Modified over 9 years ago
2
Gerald M. Santoro, Ph.D. (gms@psu.edu) College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 (slides developed by Prof. Chao-Hsien Chu) IST 454 Computer and Cyber Forensics Learning by Doing Theory Practice
3
The Needs for Digital Forensics Incident handling Identifying policy violations. Auditing. Investigating crimes. Reconstructing computer security incidents. Troubleshooting operational problems. Log monitoring. Recovering from accidental system damage. Acquiring and retaining data for future use. Exercising due diligence / regulatory compliance. …
4
Personnel Security Physical and Environmental Security Procurement Regulatory and Standards Risk Management Strategic Management System and Application Security Data Security Digital Forensics Enterprise Continuity Incident Management IT Security Training and Awareness IT Systems Operations and Maintenance Network Security and Telecommunications IT Security EBK: 14 Competency Areas
5
IT Security EBK: Model
6
Knowledge and Skills Needed Critical thinking and judgment. 69% Communications (verbal and written). 68% Technical knowledge. 66% Teamwork and collaboration. 52% Ability to lead change. 52% Business knowledge/acumen. 40% Cross functional influence. 35% Influence. 33% Facilitation. 24% Mentoring and coaching. 19% Strategic business planning. 22% Industry participation. 13% SANS Institute 2005 Survey
7
PredictionDetectionForensicsResponse Defense In Depth of Security Feedback IST 451 SRA 111SRA 468 IST 451: Network Security IST 452: Legal & Regulatory Issues IST 453: Computer Forensics Law IST 454: Computer & Cyber Forensics IST 456: Security & Risk Management SRA 111: Security & Risk Analysis SRA 211:Threats of Crime & Terrorism SRA 221: Overview of Information Security SRA 231: Decision Theory SRA 311: Risk Management SRA 472: Integration of Privacy & Security SRA 468: Visual Analytics for Intelligence & Security IST 453 IST 454IST 456 IST 452 SRA 472 Policy/Regulation Firewall/DMZ Access Control/VPN … Qualitative models Quantitative models … Prevention Plans Risk analysis … Scanner IDS Data mining … SRA 311SRA 221 SRA 211SRA 231 Computer crime Economic crime Policies violation …
8
SRA Core Curriculum 111 Intro Security & Risk Analysis 211 Threat of Terrorism & Crime 231 Decision Theory & Analysis Emergency Planning Crisis Management Internship, Guest, & field Experience International Culture Foreign Language (Threats) (Modeling, Analysis) (Problem Solving) Information, People & Technology 200 Statistics (Vulnerabilities) (Techniques) Risk Management: Assessment & Mitigation 311 Legal, Ethical, and Regulatory Issues 432 440 221 Overview of Information Security 110
9
SRA Major - Cyber Security Option (Elective) Support Intro Security & Risk Analysis Intro People, Information & Tech Statistics Intro Overview of Information Security Threat of Terrorism & Crime Decision Theory & Analysis Core Risk Management: Assessment & Mitigation Legal, Ethical, and Regulatory Issues Core Junior Option Networking & Telecommunications Computer & Cyber Forensics Security & Risk Management Network Security Emergency Planning Crisis Management Internship, Guest, & field Experience International Culture Foreign Language Capstone
10
SRA Minor (21 cr.) SRA 111: Intro Security & Risk Analysis IST 110: Intro People, Information & Tech Stat 200: Statistics Intro SRA 221: Overview of Information Security SRA 211: Threat of Terrorism & Crime Core IST 452: Legal, Ethical, & Regulatory Issues IST 220: Networking & Telecommunications IST 451: Network Security IST 454: Computer & Cyber Forensics IST 453: Cyber Forensics Laws SRA 231: Decision Theory & Analysis SRA 311: Risk Mgmt: Assessment & Mitigation IST 456: Security & Risk Management IST 402: Wireless Design & Security Electives (6 cr.) Cyber SecurityDigital Forensics Risk Management
12
The Center for Information Assurance at the Pennsylvania State University, through its curricula, certify that Your Name Here has acquired the knowledge and skills that meet the National Training Standard NSTISSI-4011 for the Information Systems Security (INFOSEC) Professionals, established by the Committee on National Security Systems (CNSS) and the National Security Agency (NSA), on December 2005 Dr. Hank Foleys, Dean College of Information Sciences and Technology Certificate of Accomplishment Dr. Chao H. Chu, Executive Director Center for Information Assurance
13
IST 454 focuses on computer and cyber forensics. Students will learn different aspects of computer and cyber crime and ways in which to uncover, protect, exploit, and document digital evidence. Students will be exposed to different types of tools (both software and hardware), techniques and procedure, and be able to use them to perform rudimentary forensic investigations.
14
Course Objectives Understand the different aspects of computer and cyber crime. Understand the basic concepts and issues of computer forensics Understand what tools and techniques to use in computer and cyber crime investigations Perform basic computer and cyber forensic investigations Understand the documentation need in performing forensic investigations
15
Terminology Computer Forensics Computer and Network Forensics Computer and Cyber Forensics Cyber Forensics Digital Forensics Digital Forensic Sciences Forensic Sciences
16
Modules Digital / Computer / Cyber Forensics Context of Computer Forensics Knowledge and Skills Needed Data Acquisition – Imaging / Tools Data Authentication / Tools Data Search & Analysis / Tools Forensic Policies and Procedures Operating Systems / File Structure Investigating Window Systems Investigating Linux Systems Data Hiding Techniques / Steganography Overview of Web Forensics Spam, Phishing, E-mail Tracing PDA Forensics Intrusion Detection Honeynet / Network Monitoring Worm Forensics Legal and Ethical Issues Criminal Justice Systems Expert Witness Overview Search, Seizure & Investigation Media & File Systems Analysis Web / Internet Forensics Network & Malware Forensics Legal & Criminal Justice Systems 8 Hands-on Exercises 18 Readings 11 Quizzes / Assignments Term Project: Report & Presentation 1-3 Guess Lectures
17
Theory and Practice 3Problem Solving Skills 3Interpersonal Skills 3Team Work 3Managerial Issues TheoryPractice Hand-on Experience Learning By Doing 3Programming Skills 3Information Technology 3Technical Issues 3Emerging Information Technologies
18
Learning By Doing I Hear and I Forget ! I see and I Remember ! I Do and I Understand ! Confucius (Kung Chiu) 5th - 6th Century, B. C. Chinese Philosopher
19
Albert Einstein Imagination is more important than Knowledge
20
? ? ? Learning Capability is more important than Knowledge
21
Teaching Philosophy and Principles 3Bridging the gaps between theory and practice 3Learning by doing (hand-on experience) 3Learning capability is more important than knowledge 3Covering both technical and managerial aspects
22
Teamwork - The Key to Winning
23
We Are All in the Same Boat
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.