Presentation is loading. Please wait.

Presentation is loading. Please wait.

Gerald M. Santoro, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 (slides.

Published byEmory Washington Modified over 9 years ago

Similar presentations

Presentation on theme: "Gerald M. Santoro, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 (slides."— Presentation transcript:

1

2 Gerald M. Santoro, Ph.D. (gms@psu.edu) College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 (slides developed by Prof. Chao-Hsien Chu) IST 454 Computer and Cyber Forensics Learning by Doing Theory  Practice

3 The Needs for Digital Forensics Incident handling Identifying policy violations. Auditing. Investigating crimes. Reconstructing computer security incidents. Troubleshooting operational problems. Log monitoring. Recovering from accidental system damage. Acquiring and retaining data for future use. Exercising due diligence / regulatory compliance. …

4 Personnel Security Physical and Environmental Security Procurement Regulatory and Standards Risk Management Strategic Management System and Application Security Data Security Digital Forensics Enterprise Continuity Incident Management IT Security Training and Awareness IT Systems Operations and Maintenance Network Security and Telecommunications IT Security EBK: 14 Competency Areas

5 IT Security EBK: Model

6 Knowledge and Skills Needed Critical thinking and judgment. 69% Communications (verbal and written). 68% Technical knowledge. 66% Teamwork and collaboration. 52% Ability to lead change. 52% Business knowledge/acumen. 40% Cross functional influence. 35% Influence. 33% Facilitation. 24% Mentoring and coaching. 19% Strategic business planning. 22% Industry participation. 13% SANS Institute 2005 Survey

7 PredictionDetectionForensicsResponse Defense In Depth of Security Feedback IST 451 SRA 111SRA 468 IST 451: Network Security IST 452: Legal & Regulatory Issues IST 453: Computer Forensics Law IST 454: Computer & Cyber Forensics IST 456: Security & Risk Management SRA 111: Security & Risk Analysis SRA 211:Threats of Crime & Terrorism SRA 221: Overview of Information Security SRA 231: Decision Theory SRA 311: Risk Management SRA 472: Integration of Privacy & Security SRA 468: Visual Analytics for Intelligence & Security IST 453 IST 454IST 456 IST 452 SRA 472 Policy/Regulation Firewall/DMZ Access Control/VPN … Qualitative models Quantitative models … Prevention Plans Risk analysis … Scanner IDS Data mining … SRA 311SRA 221 SRA 211SRA 231 Computer crime Economic crime Policies violation …

8 SRA Core Curriculum 111 Intro Security & Risk Analysis 211 Threat of Terrorism & Crime 231 Decision Theory & Analysis Emergency Planning Crisis Management Internship, Guest, & field Experience International Culture Foreign Language (Threats) (Modeling, Analysis) (Problem Solving) Information, People & Technology 200 Statistics (Vulnerabilities) (Techniques) Risk Management: Assessment & Mitigation 311 Legal, Ethical, and Regulatory Issues 432 440 221 Overview of Information Security 110

9 SRA Major - Cyber Security Option (Elective) Support Intro Security & Risk Analysis Intro People, Information & Tech Statistics Intro Overview of Information Security Threat of Terrorism & Crime Decision Theory & Analysis Core Risk Management: Assessment & Mitigation Legal, Ethical, and Regulatory Issues Core Junior Option Networking & Telecommunications Computer & Cyber Forensics Security & Risk Management Network Security Emergency Planning Crisis Management Internship, Guest, & field Experience International Culture Foreign Language Capstone

10 SRA Minor (21 cr.) SRA 111: Intro Security & Risk Analysis IST 110: Intro People, Information & Tech Stat 200: Statistics Intro SRA 221: Overview of Information Security SRA 211: Threat of Terrorism & Crime Core IST 452: Legal, Ethical, & Regulatory Issues IST 220: Networking & Telecommunications IST 451: Network Security IST 454: Computer & Cyber Forensics IST 453: Cyber Forensics Laws SRA 231: Decision Theory & Analysis SRA 311: Risk Mgmt: Assessment & Mitigation IST 456: Security & Risk Management IST 402: Wireless Design & Security Electives (6 cr.) Cyber SecurityDigital Forensics Risk Management

11

12 The Center for Information Assurance at the Pennsylvania State University, through its curricula, certify that Your Name Here has acquired the knowledge and skills that meet the National Training Standard NSTISSI-4011 for the Information Systems Security (INFOSEC) Professionals, established by the Committee on National Security Systems (CNSS) and the National Security Agency (NSA), on December 2005 Dr. Hank Foleys, Dean College of Information Sciences and Technology Certificate of Accomplishment Dr. Chao H. Chu, Executive Director Center for Information Assurance

13 IST 454 focuses on computer and cyber forensics. Students will learn different aspects of computer and cyber crime and ways in which to uncover, protect, exploit, and document digital evidence. Students will be exposed to different types of tools (both software and hardware), techniques and procedure, and be able to use them to perform rudimentary forensic investigations.

14 Course Objectives  Understand the different aspects of computer and cyber crime.  Understand the basic concepts and issues of computer forensics  Understand what tools and techniques to use in computer and cyber crime investigations  Perform basic computer and cyber forensic investigations  Understand the documentation need in performing forensic investigations

15 Terminology Computer Forensics Computer and Network Forensics Computer and Cyber Forensics Cyber Forensics Digital Forensics Digital Forensic Sciences Forensic Sciences

16 Modules Digital / Computer / Cyber Forensics Context of Computer Forensics Knowledge and Skills Needed Data Acquisition – Imaging / Tools Data Authentication / Tools Data Search & Analysis / Tools Forensic Policies and Procedures Operating Systems / File Structure Investigating Window Systems Investigating Linux Systems Data Hiding Techniques / Steganography Overview of Web Forensics Spam, Phishing, E-mail Tracing PDA Forensics Intrusion Detection Honeynet / Network Monitoring Worm Forensics Legal and Ethical Issues Criminal Justice Systems Expert Witness Overview Search, Seizure & Investigation Media & File Systems Analysis Web / Internet Forensics Network & Malware Forensics Legal & Criminal Justice Systems 8 Hands-on Exercises 18 Readings 11 Quizzes / Assignments Term Project: Report & Presentation 1-3 Guess Lectures

17 Theory and Practice 3Problem Solving Skills 3Interpersonal Skills 3Team Work 3Managerial Issues TheoryPractice Hand-on Experience Learning By Doing 3Programming Skills 3Information Technology 3Technical Issues 3Emerging Information Technologies

18 Learning By Doing I Hear and I Forget ! I see and I Remember ! I Do and I Understand ! Confucius (Kung Chiu) 5th - 6th Century, B. C. Chinese Philosopher

19 Albert Einstein Imagination is more important than Knowledge

20 ? ? ? Learning Capability is more important than Knowledge

21 Teaching Philosophy and Principles 3Bridging the gaps between theory and practice 3Learning by doing (hand-on experience) 3Learning capability is more important than knowledge 3Covering both technical and managerial aspects

22 Teamwork - The Key to Winning

23 We Are All in the Same Boat

Download ppt "Gerald M. Santoro, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 (slides."

Similar presentations

The American Distance Education Consortium 65 U.S. State Universities and Land Grant Colleges.

The American Distance Education Consortium 65 U.S. State Universities and Land Grant Colleges.
Designing Educational Opportunities for the Hazard Manager of the 21 st Century Deborah Thomas Dept. of Geography & Env. Sciences University of Colorado.

Designing Educational Opportunities for the Hazard Manager of the 21 st Century Deborah Thomas Dept. of Geography & Env. Sciences University of Colorado.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Information Security and Assurance Center 1 Address: 615 McCallie Avenue Phone: 423-425-4043 Chattanooga TN 37403

Information Security and Assurance Center 1 Address: 615 McCallie Avenue Phone: Chattanooga TN 37403
Information Assurance & Network Security Certificate Prof. Rafael M. Rivera Universidad del Turabo School of Engineering Institute of Telecommunications.

Information Assurance & Network Security Certificate Prof. Rafael M. Rivera Universidad del Turabo School of Engineering Institute of Telecommunications.
Security Controls – What Works

Security Controls – What Works
OPM Cybersecurity Competencies by Occupation (Technical Competencies) 2210085508540391 Information Technology Management Series Electronics Engineering.

OPM Cybersecurity Competencies by Occupation (Technical Competencies) Information Technology Management Series Electronics Engineering.
IT Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development EDUCAUSE Live! November 14,

IT Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development EDUCAUSE Live! November 14,
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
IS 380 OME 1 Fall 2010 Class 1. Administrative Roster Syllabus Review Class overview 10 domains overview.

IS 380 OME 1 Fall 2010 Class 1. Administrative Roster Syllabus Review Class overview 10 domains overview.
Information Systems Security Officer

Information Systems Security Officer
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Mohammad Alshayeb 19 May 2009. Agenda Update on Computer Science Program Assessment/Accreditation Work Update on Software Engineering Program Assessment/Accreditation.

Mohammad Alshayeb 19 May Agenda Update on Computer Science Program Assessment/Accreditation Work Update on Software Engineering Program Assessment/Accreditation.
Security Certification

Security Certification
The College of Information Sciences and Technology ist.psu.edu.

The College of Information Sciences and Technology ist.psu.edu.
UMUC HS-EM Graduate Programs Competency Based Model A Work in Progress June 2014 CHDS – EMI Higher Ed Irmak Renda-Tanali, D.Sc. Collegiate Professor Director,

UMUC HS-EM Graduate Programs Competency Based Model A Work in Progress June 2014 CHDS – EMI Higher Ed Irmak Renda-Tanali, D.Sc. Collegiate Professor Director,
Introduction to Computer Forensics Fall 2007. Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (http://www.forensics.nl).http://www.forensics.nl.

Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J. 2009 w/ T. Scocca.

COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J w/ T. Scocca.

Similar presentations

Ads by Google