Cyber Forensics

Description

Cyber Forensics Program Description 

The Master of Science in Cyber Forensics specializes in the process of forensically examining computer systems to perform event reconstruction and to identify inappropriate access or data exfiltration and the mechanisms by which the attacks occurred. Students will be trained to implement digital evidence collection techniques and to use scientific methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of such evidence. This degree will prepare graduates for positions in a number of industries needing forensic specialists who perform active and defensive computer forensic techniques that extend beyond e-discovery.

Students in this program will use current techniques and tools to analyze systems involved with incidents of unauthorized and inappropriate computer system access, theft of electronic information, cyber attacks, and other cyber crimes. Relevant technical and legal topics are covered to ensure graduates perform thorough incident response, intrusion analysis, and presentation of findings.

The program will utilize Stevenson's highly specialized virtual lab environment, in addition to hybrid and face-to-face instruction using state-of-the-art forensic technology which allows students to do hands-on work related to advanced forensic analysis, either remotely or on campus. Stevenson's virtual lab environment gives students hands-on, real-time experience in analyzing servers, desktops, laptops, firewalls, networks, clouds, and other digital environments that require examination. Students will be trained to implement professional digital evidence collection techniques to identify, analyze, document, and prepare digital evidence for official investigations and legal proceedings.

All coursework can be completed entirely online in 8-week sessions with the exception of an 8-hour on-site class requirement for CYBF 664.

Objectives

Cyber Forensics Program Outcomes

Upon completion of the Master of Science in Cyber Forensics, graduates will be able to:

  • Select the appropriate tools to recover operating systems, artifacts, and data.
  • Identify current attack vectors and exploited vulnerabilities, including advanced persistent threats, used by criminals to gain access to information systems and propose appropriate defenses to exploitation.
  • Analyze information systems for signs of breaches and identify data that has been exfiltrated from those systems.
  • Produce a professional forensic report that includes the methodology used for the collection, handling, and preservation of digital evidence.
  • Interpret and apply the applicable laws and statutes that govern the search and seizure of digital evidence.
  • Collect and preserve digital evidence (including volatile data and network data) during a computer forensic examination in an appropriate and effective manner.
  • Provide an oral defense of the findings that appear in a written report.

Policies

Cyber Forensics Program Policies

The grade of "C" is the lowest acceptable grade, and only one can be awarded during the program. A student may repeat one course in a graduate program one time. Once a student has repeated a course, the student will not be permitted to repeat any other courses. If a student repeats a course, only the latter grade is used in computing the grade point average. However, all courses taken become a part of the student's academic record. Further, a student may withdraw from each graduate course one time only.

A minimum cumulative 3.00 grade point average on all graduate work attempted is required for graduation. Only one grade of "C" may be applied toward the GPA requirement. Degree requirements must be completed within seven years after the first course applied to the degree was completed.

Prerequisite Reqirements

Cyber Forensics Program Prerequisite Requirements

Students who wish to enter the master's program in cyber forensic smust meet the following admissions prerequisite requirements:

  • Bachelor's degree from an accredited institution in a related field (information assurance, computer science, network administration or computer security) and at least two years of related work experience.
OR
  • Bachelor's degree from an accredited institution in an unrelated field and at least five years experience in information technology, telecommunication systems, system administration, network management, or information assurance.

Requirements

Required Courses:

CYBF 643/FSIS 643Incident Response and Evidence Collection

3 credits

CYBF 644/FSIS 644Windows Forensic Examinations

3 credits

CYBF 650/FSIS 650Intrusion Detection Systems (IDS), Firewalls, Auditing

3 credits

CYBF 661/BTM 661E-Systems Security

3 credits

CYBF 662/FSIS 662Network Penetration Testing

3 credits

CYBF 663/FSIS 663Network and Cloud Forensics

3 credits

CYBF 664/FSIS 664Mobile Device Forensics

3 credits

CYBF 670Cyber Warfare and Cyber Terrorism

3 credits

CYBF 675Live Response and Live Acquisition

3 credits

CYBF 680Legal Compliance and Ethics

3 credits

CYBF 685Malware Detection, Analysis, and Prevention

3 credits

CYBF 710Mock Intrusion and Response

3 credits

Course Descriptions

See CYBF - Cyber Forensics Courses