INTERNATIONAL ISLAMIC UNIVERSITY MALAYSIA

COURSE OUTLINE

Kulliyyah Kulliyyah of Information and Communication Technology

Department Computer Science

Programme Bachelor of Computer Science

Bachelor of Information Technology

Course Title Computer Forensics

Course Code CSC 4602

Status Elective

Level 3

Credit Hours 3

Contact Hours 3

Pre-requisites CSC 2201 Computer Networking, CSC 2601 IT Security 1

(if any)
Co-requisites -
(if any)
Instructional Lectures
Strategies Class Discussions
Presentations
Course
Assessment LO Methods (%)
State weightage
of each type of 1, 2, 3 Quiz(s) 15
assessment. 1, 2, 3, 4 Assignment(s) 10
1, 2, 5 Group Project 15
1, 2, 3, 4 Mid Term 20
1, 2, 3, 4, 5 Final Exam 40
Total 100
Instructor(s) MUHAIMIN MOHD JIMIN

Semester Semester I and II

Offered
 To
pro
vid
e
Course Synopsis Th
stu e Computer Forensics program provides its participants
with a comprehensive understanding of computer forensics
de
and investigation tools and techniques. All major personal
nts
computer operating system architectures and disk
wit
hstructures will be discussed. Participants will learn about
an
the most relevant software and hardware tools, the
aw
importance of digital evidence
are
controls, and how to process crime and incident scenes.
nes
Participants can also look forward to in-depth coverage of
skey areas like data acquisition, computer forensic analysis,
of
e-mail investigations, image file recovery, and
the
investigative report writing.
Course im The main objectives of this course are as follows:
Objectives por
tan
ce
Learning At
of the end of the course, students should be able to:
Outcomes sec
1.
uri understand the importance of information security awareness to be
ng able to appreciate IT security and control practices
2.
inf understand the overview of information security concepts and
or principles.
3.
ma identify threats and vulnerabilities in information system.
4.
tio practice secure control while using computing and networking system.
5.
n use and demonstrate security tools given in the course.
To
int Content Outlines
rod
Weeks uc Topics Task/Reading
1 e Information Security Overview Chapter 1 & 2
stu (Conklin,
de • What is information security? W.B. et al)
nt • Security trends, confidentiality, integrity,
im availability and other security concepts. Chapter 1 & 2
por • Security Incidents (Merkow &
tan • Why Security? Breithaupt)
t • Growing IT Security Importance and New
sec Career Opportunities
uri • Information Security Principles
ty • Layered Security
so • Access Controls, Authentication, Security
urc Models
es
2 whOrganisational / Operational Security Chapter 3, 4 &
ich 8 (Conklin,
abl • Security operations in organization W.B. et al)
e • Physical security safeguard
to • The role of people in security
ass
ist
the
m
to
ma
 ain
IC
T
sec
uri
3 ty Risk Management Chapter 20
To (Conklin,
de • Overview of Risk Management W.B. et al)
vel • Risk management models
op • Qualitative and quantitative risk assessment
stu
4 de Disaster Recovery, Business Continuity, and Chapter 19
ntsOrganisational Policies (Conklin,
ski W.B. et al)
lls • Overview of the Business Continuity Plan and
an Disaster Recovery Planning Chapter 6
d • Disaster Recovery Planning (Merkow &
ca Breithaupt)
pa
bili
5 Cryptography & Public Key Infrastructure Chapter 5 & 6
tie
(Conklin,
s
• Algorithm & Hashing W.B. et al)
in
• Symmetric
6 bui
• Asymmetric
ldi
• Digital Certificates

7 Network & Infrastructure Security Chapter 9, 10

& 13
• OSI Model, Network Protocol (Conklin,
8 • Remote Access W.B. et al)
• Intrusion Detection System

9 Security Baselines Chapter 14

(Conklin,
• Password Selection W.B. et al)
• OS Hardening
• Network Hardening
• Application Hardening

10 Attacks and Malware Chapter 15

(Conklin,
• Denial of Service W.B. et al)
• Sniffing/spoofing/social engineering
• Wardialling & Wardriving
• Malware

11 Email Security and Web Components Chapter 16 &

17
• Malicious codes & hoax email (Conklin,
• Spamming W.B. et al)
• Mail encryption
• Protocols
• Code-based vulnerabilities
• Symmetric cryptographic
12 Access Control and Privilege Management Chapter 22
(Conklin,
• Identification & authentication techniques W.B. et al)
• User, group & role management
• Handling access control

13 Computer Forensic Chapter 23

(Conklin,
• Digital Evidence W.B. et al)
• Collection and preservation of evidence
• Free space vs slack space
• Analysis and investigation

14 Ethics and Laws Chapter 24

(Conklin,
• Computer crime categories W.B. et al)
• Privacy laws
• Islamic perspectives

References Required

Conklin, W.A., White, G.B., Cothren, C., Williams, D., & Davis, R.L. (2005).
Principles of computer security: Security+ and beyond. Singapore:
McGraw Hill.

Recommended
Anderson, R. J. (2001). Security engineering: A guide to building dependable
distributed systems. New York: John Wiley.

Gollman, D. (2003). Computer security. West Sussex: John Wiley.

Krause, M., & Tipton, H.F. (2001). Handbook of information security

management. Canada: CRC Press.

Merkow, M., & Breithaupt, J. (2006). Information security principles and

practices. New Jersey: Pearson Prentice Hall.

Pfleeger, C.P., & Pfleeger, S. L. (2003). Security in computing. New Jersey:

Pearson Education Inc.
Proposed
Start Date Semester 1 2007/2008
(Semester)
Batch of
Students to 021 and above
be Affected
Prepared by: Checked by: Approved by:

__________________ __________________ _____________________

(Nurul Nuha Abdul Molok) ( HOD ) (Dean / Director)
CSC 2601 : IT Security I

BACHELOR OF COMPUTER SCIENCE

earning Outcomes Matrix

Programme Outcomes
LO LO LO LO
Learning Outcomes 1 2 3 LO 4 5 LO 6 LO 7 LO 8 LO9 LO1

Understand the overview of information security concepts

and principles 2 1 1 2 2 2 3 3

Identify threats and vulnerabilities in information system 1 1 1 1 1 1 1 2 2

Practice secure control while using computing and

networking system 1 2 2 2 1 1 2 1 1 1

Use and demonstrate security tools given in the course 2 2 2 2 1 2 1 2 1 2

TOTAL 4 7 6 4 4 6 6 6 7 8

AVERAGE 1 2 2 1 1 2 2 2 2 2

Slightly 1

Moderately 2

Substantively 3

PROGRAM LEARNING OUTCOME:

1. Develop, test and evaluate software systems.

2. Recognize the need for and expect to engage in life-long learning for continued
professional excellence.
3. Apply their acquired knowledge to solve practical problems.
4. Team work.
5. Have substantial understanding of computational science and mathematics.
6. Have substantial exposure to advanced topics in software and computing systems.
7. Have a comprehensive computer science education background.
8. Be well prepared to successfully enter the job market and/or graduate studies.
9. To understand professional responsibility.
10. To impart Islamic values and ethics in computer science.