I am the module leader for this module. Robert ludwiniak will be team teaching the module with me.

This structure and other information should be considered a draft. All this is subject to change without notice until it is presented in a lecture.

As an aid for students I may have video presentations covering some of the lecture material. This is not exaustive, and I will not be preparing such material for all lectures. It is not a replacement for attenting the University. However you may find it useful. If the video is available it will be shown in the plan. Note if a link appears broken, then the material is not yet available. Check back later.

Module WeekEventSubjectSlidesExtra Material
1 Lecture AIntroduction to Forensics (RL) PPT PDF -
Lecture BLinux Overview + Caine (GR) PPT PDF -
PracticalGetting Started with Caine Using Linuxzoo Video
2 Lecture A+BEssential Linux for Forensics (GR) PPT PDF -
PracticalEssential Linux (ls,cd,cat,etc) -
3 Lecture A+BLinux filesystem + Searching (GR) PPT PDF -
PracticalFilesystem Linux (find,grep,fdisk,etc) -
4 Lecture AForensic Processes (RL) PPT PDF -
Lecture BAdvanced Search in Linux (GR) PPT PDF -
PracticalExtended Linux - regexp,tail,sort,mount -
5 Lecture AThe PC BOOT process (RL) PPT PDF -
Lecture BAdvanced Linux (GR) PPT PDF -
PracticalAdvanced Linux - xxd, gui, autopsy -
6 Lecture A+BForensic Acquisition (RL) PPT PDF -
PracticalImage Capture and Validation -
7 Lecture A+BDisk Analysis (RL) PPT PDF -
PracticalStorage device analysis -
8 Lecture A+BFilesystem Analysis (RL) PPT PDF -
PracticalEssential Filesystem processing -
9 Lecture A+BData Analysis (RL) PPT PDF -
PracticalAdvanced Filesystem Processing -
10 Lecture ARegistry Forensics (RL) PPT PDF -
Lecture BActivity/Browser/app level/Timeline (RL) PPT PDF -
PracticalFile Contents Forensics -
11 Lecture A+BReal-World Walkthrough case study (RL) PPT PDF -
PracticalBrowser and Activity Forensics -
12 Lecture A+BEncase (RL) PPT PDF -
Practical-- No New Labs -- Revision+Catchup -