10504186Introduction to Internet and Networking Concepts
Course Information
Description
Internet related investigations -- terminology and management of evidence gathered from online sources.  Internet Service Provider Overview.  Hacking Investigations, chatroom, e-mail, website, Phishing, online auction sites, instant messaging, newsgroups and bulletin board, internet related fraud methods, BoNets, viruses, worms, etc.  This course includes includes an overview of how various computer networks work, how to read log files, IP addressing schemes, IP telephony, overview of various file-sharing networks commonly found in forensic investigations.  Basic overview of network intrusion detection, response and reporting.  Overview of Netanalysis, Kazaalyzer, and other standard forensic tools.  An application and Criminal History Check must be submitted to the Program Director prior to registration for this course.
Total Credits
3
Course Competencies
  1. Describe the role of network evidence in criminal and civil investigations
    Assessment Strategies
    by participating in the class
    by completing in-class and homework assignments
    by completing lab exercise
    Criteria
    you enter into class discussions
    you complete assignments in a timely fashion
    you complete the lab exercise successfully
    you attend class regularly
    you arrive for class on time
    you listen attentively during class

  2. Describe, in general, the network infrastructure that composes the Internet
    Assessment Strategies
    by participating in the class
    by researching sources on the topic
    by writing a term paper
    Criteria
    you enter into class discussions using course materials
    you attend class regularly
    you arrive for class on time
    you participate in class activities and labs
    you listen attentively during class

  3. Describe how Internet identifiers, including IP addresses, MAC addresses, hostnames, etc, can be used in investigations and limitations
    Assessment Strategies
    by participating in the class
    by completing lab exercise
    Criteria
    you enter into class discussions
    you complete the lab exercise successfully
    you attend class regularly
    you arrive for class on time
    you listen attentively during class

  4. Perform an investigative analyses of email, web browser and other internet client applications
    Assessment Strategies
    by participating in the class
    by completing in-class and homework assignments
    by group or self presentation on the subject material to the class
    Criteria
    you participate in class discussion using course materials
    you complete assignments in a timely fashion
    you participate equally in a group presentation on the subject matter
    you attend class regularly
    you arrive for class on time
    you listen attentively during class

  5. Perform basic analyses of collected network evidence including network capture files and related logs, eg web server, etc.
    Assessment Strategies
    by participating in the class
    by completing in-class and homework assignments
    by completing lab exercise
    Criteria
    you enter into class discussions
    you complete assignments in a timely fashion
    you complete the lab exercise successfully
    you attend class regularly
    you arrive for class on time
    you listen attentively during class

  6. Perform information gathering with tools such as TCPview, whois, ipconfig, ping, passive DNS, netcat, nmap, windd32/64, Volatility, etc
    Assessment Strategies
    by participating in the class
    by completing in-class and homework assignments
    by completing lab exercise
    Criteria
    you enter into class discussions
    you complete assignments in a timely fashion
    you complete the lab exercise successfully
    you attend class regularly
    you arrive for class on time
    you listen attentively during class