•    Employment
  •    Academia
  •    Research
    • NICE Framework
    • CAE Program

Digital Forensics

The intent of the Digital Forensics Knowledge Unit is to provide students with the skills to apply forensics techniques throughout an investigation life cycle with a focus on complying with legal requirements.

Topics

  1. Legal Compliance a. Applicable Laws b. Affidavits c. How to Testify d. Case Law e. Chain of custody
  2. Digital Investigations a. E-Discovery b. Authentication of Evidence c. Chain of Custody Procedures d. Metadata e. Root Cause Analysis f. Using Virtual Machines for Analysis
  3. Legal Compliance
  4. Describe the steps in performing digital forensics from the initial recognition of an incident through the steps of evidence gathering, preservation and analysis, through the completion of legal proceedings.
  5. e. Root Cause Analysis
  6. Legal Compliance a. Applicable Laws
  7. Root Cause Analysis
  8. Using Virtual Machines for Analysis
  9. Discuss the rules, laws, policies, and procedures that affect digital forensics
  10. Use one or more common DF tools, such as EnCase, FTK, ProDiscover, Xways, SleuthKit.
  11. Digital Investigations
  12. Legal Compliance

Outcomes

  1. Discuss the rules, laws, policies, and procedures that affect digital forensics
  2. Use one or more common DF tools, such as EnCase, FTK, ProDiscover, Xways, SleuthKit.
  3. Describe the steps in performing digital forensics from the initial recognition of an incident through the steps of evidence gathering, preservation and analysis, through the completion of legal proceedings.
  4. Digital Investigations
  5. Legal Compliance
  6. Legal Compliance

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.

  • Knowledge
  • Skills
  • Abilities
  • Tasks
ID DESCRIPTION
K0017 Knowledge of concepts and practices of processing digital forensic data.
K0107 Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations.
K0003 Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
K0155 Knowledge of electronic evidence law.
K0351 Knowledge of applicable statutes, laws, regulations and policies governing cyber targeting and exploitation.
K0156 Knowledge of legal rules of evidence and court procedure.
K0043 Knowledge of industry-standard and organizationally accepted analysis principles and methods.
K0343 Knowledge of root cause analysis techniques.
K0118 Knowledge of processes for seizing and preserving digital evidence.
K0123 Knowledge of legal governance related to admissibility (e.g. Rules of Evidence).
K0125 Knowledge of processes for collecting, packaging, transporting, and storing electronic evidence while maintaining chain of custody.
ID DESCRIPTION
S0047 Skill in preserving evidence integrity according to standard operating procedures or national standards.
S0075 Skill in conducting forensic analyses in multiple operating system environments (e.g., mobile device systems).
S0109 Skill in identifying hidden patterns or relationships.
S0175 Skill in performing root cause analysis.
ID DESCRIPTION
A0046 Ability to monitor and assess the potential impact of emerging technologies on laws, regulations, and/or policies.
ID DESCRIPTION