NEW YORK CITY COLLEGE OF TECHNOLOGY/CUNY

Computer Systems Technology Department

CST3520 – Computer Forensics
Instructor

Course Description
Computer forensics (sometimes known as computer forensic science) is a branch of digital forensic
science pertaining to legal evidence found in computers and digital storage media. The goal of
computer forensics is to examine digital media in a forensically sound manner with the aim of
identifying, preserving, recovering, analyzing, and presenting facts and opinions about the information.
This course will guide students through the fundamentals of forensic investigations, evidence handling,
and storage. This course will also focus on conducting a high-tech investigation, from acquiring digital
evidence, and triage to reporting its findings. Students will learn how to set up a forensics lab, how to
acquire the proper and necessary tools, and how to conduct the investigation and subsequent digital
analysis. They will use free downloads of the latest forensic software and become familiar with the
tools of the trade.

Course Objectives
Upon successful completion of the course, the student should be able to:
1. Demonstrate an understanding of the Computer Forensics field as a profession
2. Demonstrate an understanding of how and where Computer Forensic investigations are
performed
3. Effectively acquire and handle various types of digital forensic artifacts and evidence
4. Demonstrate an understanding of how to process crime and incident scenes from a computer
forensic perspective
5. Demonstrate a deeper understanding of the file systems upon which Operating Systems are
installed
6. Demonstrate an understanding of case-handling processes and documentation
7. Effectively work individually and in teams to find facts using digital artifacts and evidence
8. Effectively communicate case findings to technical and non-technical persons.

Prerequisites CST 2410 with a grade of C or higher

Textbooks
Bill Nelson, Amelia Phillips, Christopher Steuart, Guide to Computer Forensics and Investigations, 6th or
7th Edition, Course Technology, (2018), ISBN 13: 9781337568944 (978-1-337-56894-4),
ISBN: 1337568945 (1-337-56894-5)

** A USB flash drive is required for the LAB activities. Preferred 2GB or 4GB.

References
1. Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to Computer Forensics and
Investigations, 6th Edition (6th ed.). Boston, MA: Cengage. ISBN: 1337568945. ISBN-
13: 978-1337568944.
2. Michael G. Solomon, K. Rudolph, Ed Tittel and Diane Barret, Computer Forensics JumpStart, 2nd
Edition, Sybex, (2011), ISBN: 978-0470931660.

Grade Requirement
Students must complete all labs/assignments, term project, online certificate, and exams and quizzes.
Students are expected to participate in the classes.

Course grading formula

Midterm Exam 10%
Final Exam 10%
Term Project 25%
Assignments/Labs 25%
Online Certificate 10%
Participation 10%
Quizzes 10%
=====
TOTAL 100%

Letter Grade A A- B+ B B- C+ C D F
Numerical 100-9 92.9- 89.9- 86.9- 82.9- 79.9-7 76.9- 69.9- 59 and
Grade 3 90 87 83 80 7 70 60 below

Assignments and Labs

Assignments and labs will be based on chapter questions and other class-related materials. All
assignments and labs should be submitted to the blackboard. Other submission formats (e.g., via email
or hand-written papers) will not be accepted.

Online Certificate
Students are required to complete the certificate “AWR139 Digital Forensics Basics” offered by the
TEEX. The URL for registering the online certificate: https://teex.org/class/AWR139/. After you receive
(by email) your certificate, upload an e-copy (pdf) of the certificate and the printed email letter (pdf)
to the blackboard by the end of the semester.

Term Project
The term project will be a group project that includes both the final oral presentation and the final
report. The project will rely on lessons learned throughout the course and put students in the
investigator’s shoes. Students need to present in class with PowerPoint slides and submit a formal
project report at the end of the semester. More details will be discussed throughout the semester. Late
submission of the final project is not acceptable.

Participation
Students need to participate in the in-class exercises if there are any. The activities could be polls,
discussions, or solving problems that require students to submit an attempt on Blackboard. The
attempts will not be graded based on correctness. Late submission of the in-class exercise is not
acceptable.
Makeup opportunities for the exams, quizzes, and in-class labs
There will be NO ‘make–up’ exams/quizzes. Unless a valid excuse (medical or family emergencies,
College-related travel such as athletic or academic competitions) is presented in advance, a missed
exam/quiz will receive a score of 0. Students must carefully look at this syllabus and plan well ahead:
personal travel is NOT a valid excuse. No extra time will be given to students who arrive late. No
student will be allowed to take the final exam early.

Course Outline
Week Topics Reading
1 Understanding the Digital Forensics Profession and Investigations Chapter 1
2-3 Computer Forensics Laboratory & Data Acquisition Chapter 2, 3
4 Processing Crime & Incident Scenes Chapter 4
5 Working with Windows and CLI systems Chapter 5
6-7 Linux and Macintosh File systems Chapter 7
7 Midterm
8 Computer Forensic Tools Overview Chapter 6
9 Recovering Graphic Files Chapter 8
10 – 11 Forensic Analysis and Validation Chapter 9
12 Forensic Reporting Chapter 14
13 - 14 Network Forensics; E-Mail and Social Media Investigations Chapter 10, 11
14 Expert Testimony & Ethics Chapter 15, 16
15 Final Exam / Project Presentation

Attendance Policy: Attendance and class participation are essential and excessive absences may affect
the final grade.

Academic Integrity Policy: Students and all others who work with information, ideas, texts, images,
music, inventions, and other intellectual property owe their audience and sources accuracy and
honesty in using, crediting, and citing sources. As a community of intellectual and professional
workers, the College recognizes its responsibility for providing instruction in information literacy and
academic integrity, offering models of good practice, and responding vigilantly and appropriately to
infractions of academic integrity. Accordingly, academic dishonesty is prohibited at The City University
of New York and at New York City College of Technology and is punishable by penalties, including
failing grades, suspension, and expulsion. The complete text of the College policy on Academic
Integrity may be found in the catalog.

Assessment Criteria
For the successful completion of this course Evaluation methods and criteria
a student should be able to:
 Demonstrate understanding of the basic Tests and assignments
concepts and process of computer forensics

Illustrate planning skills in preparing for a Laboratory projects in which students will
computer forensic investigation conduct forensic investigation.

Demonstrate skills in acquiring and handling Laboratory projects in which students will
various types of digital forensic artifacts and handle different types of digital forensic
evidence artifacts
Display the ability to analyze digital forensic Term paper in which students will analyze
artifacts and present the findings in a computer forensics artifacts
comprehensive report
Display the ability to communication case Presentations for the final project
findings through a presentation

City Tech Computer Systems Technology Department Commitment to Student Diversity:

This course welcomes students from all backgrounds, experiences and perspectives. In accordance with
the City Tech and CUNY missions, this course intends to provide an atmosphere of inclusion, respect,
and the mutual appreciation of differences so that together we can create an environment in which all
students can flourish. It is the instructor’s goal to provide materials and activities that are welcoming
and accommodating of diversity in all of its forms, including race, gender identity and presentation,
ethnicity, national origin, religion, cultural identity, socioeconomic background, sexuality and sexual
orientation, ability, neurodivergence, age, and etc. Your instructor is committed to equity and actively
seeks ways to challenge institutional racism, sexism, ableism and other forms of prejudice. Your input is
encouraged and appreciated. If a dynamic that you observe or experience in the course concerns you,
you may respectfully inform your instructor without fear of how your concerns will affect your grade.
Let your instructor know how to improve the effectiveness of the course for you personally, or for other
students or student groups. We acknowledge that NYCCT is located on the traditional homelands of the
Canarsie and Lenape peoples.

Professional Development Center

http://www.citytech.cuny.edu/pdc/
Getting started on the right career path can make all the difference. The Professional Development
Center is here to help make those first steps as easy as possible.

Learning Center
https://www.citytech.cuny.edu/alc/
The College Learning Center, through its extensive computer labs, workshops and tutoring, offers
assistance to students across the entire college population.

Counseling Service Center

https://www.citytech.cuny.edu/counseling/counseling-services.aspx
The Counseling Services Center provides individual counseling services that address personal concerns,
crisis intervention, educational planning and referral services to assist students in achieving their
academic goals. Student privacy is respected.

Center for Student Accessibility

http://www.citytech.cuny.edu/accessibility/faqs.aspx
The Center for Student Accessibility is the disabilities service provider at New York City College of
Technology. The Center provides support to enrolled students who have documented permanent or
temporary disabilities.