Educational guide

IDENTIFYING DATA

2017_18

Subject

SYSTEMS AUDITING AND FORENSICS I

Code

01733008

Study programme

MASTER UNIV. INVEST. EN CIBERSEGURIDAD (OL)

Descriptors

Credit.

Type

Year

Period

Compulsory

First

Second

Language

Castellano

Prerequisites

Department

ING.MECANICA,INFORMAT.AEROESP.

Coordinador

SÁNCHEZ GONZÁLEZ , LIDIA

E-mail

lsang@unileon.es
jalfc@unileon.es
jpela@unileon.es

Lecturers

ALFONSO CENDÓN , JAVIER

SÁNCHEZ GONZÁLEZ , LIDIA

PELAEZ ALVAREZ , JUAN DELFIN

Web

http://agora.unileon.es

General description

In this subject, audit and forensics techniques are studied. It includes fundamentals as well as risk management, digital evidence collection and evidence processing and reporting

Tribunales de Revisión

Tribunal titular
Cargo	Departamento	Profesor
Presidente	ING.MECANICA,INFORMAT.AEROESP.	FERNANDEZ DIAZ , RAMON ANGEL
Secretario	ING.MECANICA,INFORMAT.AEROESP.	PANIZO ALONSO , LUIS
Vocal	ING.MECANICA,INFORMAT.AEROESP.	MATELLAN OLIVERA , VICENTE

Tribunal suplente
Cargo	Departamento	Profesor
Presidente	ING.MECANICA,INFORMAT.AEROESP.	FERNANDEZ LLAMAS , CAMINO
Secretario	ING.MECANICA,INFORMAT.AEROESP.	RODRIGUEZ DE SOTO , ADOLFO
Vocal	ING.MECANICA,INFORMAT.AEROESP.	MIELGO ALVAREZ , HONORINO

Competencies

Type A	Code	Competences Specific
	A17067
	A17068
Type B	Code	Competences Transversal
	B5220
	B5221
	B5222
	B5223
	B5224
	B5225
Type C	Code	Competences Nuclear
	C1
	C2
	C3
	C4
	C5

Learning aims

	Competences
Student knows the fundamentals about audit of security systems	A17067
Students knows how the main techniques of forensics are applied to information security and cyber security	A17068
Students know how to elaborate and solve problems about computer security and communications		B5220
Students know how to collect and understand data about computer security and communications		B5221
Students know how to judge relevant social, scientific and ethical issues regarding cybersecurity		B5222
Students know how to provide solutions to the industry in the cybersecurity field		B5223
Students knows how to learn on their own		B5224	C4
Students know how to develop a project of both computer and communication security.		B5225
Students are able to hold and understand issues that provide a chance to be original for developing or applying ideas, mainly in a research context			C5
Students know how to apply the acquired knowledge and how to solve problems in new environments or not well known in widespread contexts (as multidisciplinary) related to their study field			C1
Students can integrate knowledge and face the complexity of framing judgments from information, that might be incomplete or limited, but includes thoughts about social and ethical responsibilities involved with the application of their knowledge and judgment			C2
Students can communicate their conclusions and their knowledge as well as their reasons that support them to specialized and not specialized public in a clear way without ambiguities.			C3

Contents

Topic	Sub-topic
1. Audit and Forensics Overview 2. Auditing Techniques 3. Risk Management 4. Forensic Technologies 5. Digital Evidence Collection 6. Evidentiary Processing and Reporting	1. Audit and Forensics Overview 2. Auditing Techniques 3. Risk Management 4. Forensic Technologies 5. Digital Evidence Collection 6. Evidentiary Processing and Reporting

Planning

Methodologies :: Tests
	Class hours	Hours outside the classroom	Total hours
Assignments	5	34	39

Practicals using information and communication technologies (ICTs) in computer rooms	16	40	56

Lecture	17	33	50

Practical tests	5	0	5

(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies

Methodologies ::

	Description
Assignments	Writing reports that includes the concepts treated in both theoretical and practical lessons.
Practicals using information and communication technologies (ICTs) in computer rooms	Learning activities using computer tools in order to understand the practice of the theoretical concepts
Lecture	Learning activities to introduce the main concepts of the subject that can be individuals or in groups.

Personalized attention

Lecture

Assignments

Practicals using information and communication technologies (ICTs) in computer rooms

Practical tests

Description

Doubts can be solved by email or asking the lecturer

Assessment

	Description	Qualification
Lecture	Assessment of the acquired competences (Summative assessment)	10%
Assignments	Assessment of the acquired competences (Continuous assessment)	40%
Practicals using information and communication technologies (ICTs) in computer rooms	Assessment of the acquired competences (Summative assessment)	20%
Practical tests	Assessment of the acquired competences (Summative assessment)	30%

Other comments and second call
Second call will consist in an assessment of the acquired competences

Sources of information

Access to Recommended Bibliography in the Catalog ULE

Basic	Bill Nelson, Amelia Philips, Christopher Steuart, Guide to computer forensics and investigations. Processing Digital Evidence, Cengage Learning, 5ª Edición Patrick Engebretson, The basics of hacking and penetration testing, Syngress, Elsevier, 2ª Edición Peter Kim, The hacker playbook 2, Secure Planet LLC, 2014

Complementary	Sara Baase, A gift of fire, Pearson, 4ª Edición Ben Clark, Red Team Field Manual, , 2013

Recommendations