Educational guide | ||||||||||||||||||||||
IDENTIFYING DATA | 2021_22 | |||||||||||||||||||||
Subject | SYSTEMS AUDITING AND FORENSICS I | Code | 01732008 | |||||||||||||||||||
Study programme | ||||||||||||||||||||||
Descriptors | Credit. | Type | Year | Period | ||||||||||||||||||
6 | Compulsory | First | ||||||||||||||||||||
Language |
|
|||||||||||||||||||||
Prerequisites | ||||||||||||||||||||||
Department | ||||||||||||||||||||||
Coordinador | ||||||||||||||||||||||
Lecturers | |
|||||||||||||||||||||
Web | http://agora.unileon.es | |||||||||||||||||||||
General description | In this subject, audit and forensics techniques are studied. It includes fundamentals as well as risk management, digital evidence collection and evidence processing and reporting | |||||||||||||||||||||
Tribunales de Revisión |
|
|||||||||||||||||||||
Competencies |
Type A | Code | Competences Specific |
Type B | Code | Competences Transversal |
Type C | Code | Competences Nuclear |
C1 | ||
C2 | ||
C3 | ||
C4 | ||
C5 |
Learning aims |
Competences | |||
Student knows the fundamentals about audit of security systems | A17023 |
||
Students knows how the main techniques of forensics are applied to information security and cyber security | A17024 |
||
Students know how to elaborate and solve problems about computer security and communications | B5214 |
||
Students know how to collect and understand data about computer security and communications | B5215 |
||
Students know how to judge relevant social, scientific and ethical issues regarding cybersecurity | B5216 |
||
Students know how to provide solutions to the industry in the cybersecurity field | B5217 |
||
Students knows how to learn on their own | B5218 |
C4 |
|
Students know how to develop a project of both computer and communication security. | B5219 |
||
Students are able to hold and understand issues that provide a chance to be original for developing or applying ideas, mainly in a research context | C5 |
||
Students know how to apply the acquired knowledge and how to solve problems in new environments or not well known in widespread contexts (as multidisciplinary) related to their study field | C1 |
||
Students can integrate knowledge and face the complexity of framing judgments from information, that might be incomplete or limited, but includes thoughts about social and ethical responsibilities involved with the application of their knowledge and judgment | C2 |
||
Students can communicate their conclusions and their knowledge as well as their reasons that support them to specialized and not specialized public in a clear way without ambiguities. | C3 |
Contents |
Topic | Sub-topic |
1. Audit and Forensics Overview 2. Auditing Techniques 3. Risk Management 4. Forensic Technologies 5. Digital Evidence Collection 6. Evidentiary Processing and Reporting | 1. Audit and Forensics Overview 2. Auditing Techniques 3. Risk Management 4. Forensic Technologies 5. Digital Evidence Collection 6. Evidentiary Processing and Reporting |
Planning |
Methodologies :: Tests | |||||||||
Class hours | Hours outside the classroom | Total hours | |||||||
Assignments | 5 | 34 | 39 | ||||||
Practicals using information and communication technologies (ICTs) in computer rooms | 16 | 40 | 56 | ||||||
Lecture | 17 | 33 | 50 | ||||||
Practical tests | 5 | 0 | 5 | ||||||
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students. |
Methodologies |
Description | |
Assignments | Writing reports that includes the concepts treated in both theoretical and practical lessons. |
Practicals using information and communication technologies (ICTs) in computer rooms | Learning activities using computer tools in order to understand the practice of the theoretical concepts |
Lecture | Learning activities to introduce the main concepts of the subject that can be individuals or in groups. |
Personalized attention |
|
|
Assessment |
Description | Qualification | ||
Lecture | Assessment of the acquired competences (Summative assessment) | 10% | |
Assignments | Assessment of the acquired competences (Continuous assessment) | 40% | |
Practicals using information and communication technologies (ICTs) in computer rooms | Assessment of the acquired competences (Summative assessment) | 20% | |
Practical tests | Assessment of the acquired competences (Summative assessment) | 30% | |
Other comments and second call | |||
<p>Second call will consist in an assessment of the acquired competences </p> |
Sources of information |
Access to Recommended Bibliography in the Catalog ULE |
Basic |
Bill Nelson, Amelia Philips, Christopher Steuart, Guide to computer forensics and investigations. Processing Digital Evidence, Cengage Learning, 5ª Edición Patrick Engebretson, The basics of hacking and penetration testing, Syngress, Elsevier, 2ª Edición Peter Kim, The hacker playbook 2, Secure Planet LLC, 2014 |
Complementary |
Sara Baase, A gift of fire, Pearson, 4ª Edición Ben Clark, Red Team Field Manual, , 2013 |
Recommendations |