Educational guide
IDENTIFYING DATA 2021_22
Subject SYSTEMS AUDITING AND FORENSICS I Code 01732008
Study programme
Descriptors Credit. Type Year Period
6 Compulsory First
Language
Castellano
Prerequisites
Department
Coordinador
E-mail
Lecturers
Web http://agora.unileon.es
General description In this subject, audit and forensics techniques are studied. It includes fundamentals as well as risk management, digital evidence collection and evidence processing and reporting
Tribunales de Revisión
Tribunal titular
Cargo Departamento Profesor
Tribunal suplente
Cargo Departamento Profesor

Competencies
Type A Code Competences Specific
Type B Code Competences Transversal
Type C Code Competences Nuclear
  C1
  C2
  C3
  C4
  C5

Learning aims
Competences
Student knows the fundamentals about audit of security systems A17023
Students knows how the main techniques of forensics are applied to information security and cyber security A17024
Students know how to elaborate and solve problems about computer security and communications B5214
Students know how to collect and understand data about computer security and communications B5215
Students know how to judge relevant social, scientific and ethical issues regarding cybersecurity B5216
Students know how to provide solutions to the industry in the cybersecurity field B5217
Students knows how to learn on their own B5218
C4
Students know how to develop a project of both computer and communication security. B5219
Students are able to hold and understand issues that provide a chance to be original for developing or applying ideas, mainly in a research context C5
Students know how to apply the acquired knowledge and how to solve problems in new environments or not well known in widespread contexts (as multidisciplinary) related to their study field C1
Students can integrate knowledge and face the complexity of framing judgments from information, that might be incomplete or limited, but includes thoughts about social and ethical responsibilities involved with the application of their knowledge and judgment C2
Students can communicate their conclusions and their knowledge as well as their reasons that support them to specialized and not specialized public in a clear way without ambiguities. C3

Contents
Topic Sub-topic
1. Audit and Forensics Overview 2. Auditing Techniques 3. Risk Management 4. Forensic Technologies 5. Digital Evidence Collection 6. Evidentiary Processing and Reporting 1. Audit and Forensics Overview
2. Auditing Techniques
3. Risk Management
4. Forensic Technologies
5. Digital Evidence Collection
6. Evidentiary Processing and Reporting

Planning
Methodologies  ::  Tests
  Class hours Hours outside the classroom Total hours
Assignments 5 34 39
 
Practicals using information and communication technologies (ICTs) in computer rooms 16 40 56
 
Lecture 17 33 50
 
Practical tests 5 0 5
 
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies
Methodologies   ::  
  Description
Assignments Writing reports that includes the concepts treated in both theoretical and practical lessons.
Practicals using information and communication technologies (ICTs) in computer rooms Learning activities using computer tools in order to understand the practice of the theoretical concepts
Lecture Learning activities to introduce the main concepts of the subject that can be individuals or in groups.

Personalized attention
 
Lecture
Assignments
Practicals using information and communication technologies (ICTs) in computer rooms
Practical tests
Description
Doubts can be solved by email or asking the lecturer

Assessment
  Description Qualification
Lecture Assessment of the acquired competences (Summative assessment) 10%
Assignments Assessment of the acquired competences (Continuous assessment) 40%
Practicals using information and communication technologies (ICTs) in computer rooms Assessment of the acquired competences (Summative assessment) 20%
Practical tests Assessment of the acquired competences (Summative assessment) 30%
 
Other comments and second call
<p>Second call will consist in an assessment of the acquired competences </p>

Sources of information
Access to Recommended Bibliography in the Catalog ULE

Basic Bill Nelson, Amelia Philips, Christopher Steuart, Guide to computer forensics and investigations. Processing Digital Evidence, Cengage Learning, 5ª Edición
Patrick Engebretson, The basics of hacking and penetration testing, Syngress, Elsevier, 2ª Edición
Peter Kim, The hacker playbook 2, Secure Planet LLC, 2014

Complementary Sara Baase, A gift of fire, Pearson, 4ª Edición
Ben Clark, Red Team Field Manual, , 2013


Recommendations