Digital Forensics

Major: Cybersecurity
Code of subject: 6.125.00.O.084
Credits: 5.00
Department: Information Technology Security
Lecturer: Professor Olena Nyemkova
Semester: 7th semester
Mode of study: full-time
Learning outcomes: KN 2. To organize one's own professional activity, to choose optimal methods and ways of solving difficult specialized problems and practical problems in professional activity, and to evaluate their efficiency. KN 3. Use the results of independent search, analysis and synthesis of information from various sources to effectively solve specialized problems of professional activity. KN 4. Analyze, argue, make decisions in solving complex specialized problems and practical problems in professional activities, which are characterized by complexity and incomplete definition of conditions, be responsible for the decisions made. KN 16. Knowledge of the legal basis of research and Ukrainian legislation in the field of information security. KN 21. Knowledge of new domestic and international standards of information security. KN 1.8. Ensure the proper functioning of monitoring systems for information resources and processes in information and telecommunications systems. KN 1.9. Ensure the functioning of software and software-hardware systems for detecting intrusions of different levels and classes (statistical, signature, statistical-signature). KN 1.11. Use tools to monitor processes in information and telecommunications systems. KN 4.7. Act on the basis of the legislative and regulatory framework of Ukraine and the requirements of relevant standards, including international ones in the field of information and/or cybersecurity.
Required prior and related subjects: Computer Networks, Operating Systems, Programming
Summary of the subject: Provides the ability to investigate the presence of traces of digital evidence of cybersecurity incidents in various operating systems, file systems, memory, network. Also provides skills in choosing well-known tools for digital analysis and gathering digital evidence. Provides the ability to independently install workstation software to collect, extract and capture digital evidence.
Assessment methods and criteria: The following methods are used to diagnose knowledge: oral individual interview at each laboratory lesson, individual defense of laboratory reports; credit test at the end of the semester. The maximum score in points: 100, in particular: Execution and defense of laboratory works: 50, exam control: 50.
Recommended books: 1. ISO/IEC 27037:2012 — Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence. https://www.iso27001security.com/html/27037.html 2. David Watson. Digital Forensics Processing and Procedures. - 2013. – 880 p. 3. Cory Altheide. Digital Forensics with Open Source Tools. – 2011. – 275 p.

Digital Forensics

Major: Cybersecurity
Code of subject: 6.125.00.O.085
Credits: 5.00
Department: Information Security
Lecturer: Professor Romaka Volodymyr Afanasiiovych
Semester: 7th semester
Mode of study: full-time
Learning outcomes: ZN 3. Use the results of independent search, analysis and synthesis of information from various sources to effectively solve specialized problems of professional activity. ZN 4. Analyze, argue, make decisions in solving complex specialized problems and practical problems in professional activities, which are characterized by complexity and incomplete definition of conditions, be responsible for decisions. ZN 7. Act on the basis of the legislative and regulatory framework of Ukraine and the requirements of relevant standards, including international ones in the field of information and/or cybersecurity. ZN 8. Prepare proposals for regulations to ensure information and/or cybersecurity. ZN 9. Implement processes, based on national and international standards, for identifying, analyzing and responding to information and/or cybersecurity incidents. ZN 3.8. Solve the problems of ensuring the continuity of business processes of the organization on the basis of risk theory and established information security management system, in accordance with domestic and international requirements and standards.
Required prior and related subjects: Regulatory and legal support. Information and cyber security standards and policies. Risk theory. Emergency planning and recovery of information systems.
Summary of the subject: As a result of teaching the discipline, students develop an understanding of the role of improving the efficiency of business processes by detecting and eliminating cybersecurity incidents. This discipline generates the necessary knowledge for students to effectively build security policy, as well as prompt response to cybersecurity incidents. Introduces students to the basics of cybersecurity incident management and incident investigation tools. Physical security and infrastructure security. Aspects of cybersecurity business continuity management. Stages of cybersecurity incident management.
Assessment methods and criteria: Current control, which consists of laboratory work and defense of reports, performance and defense of control work, oral examination. 1. Laboratory classes - 45 points. 2. Test, written and oral component - 55 points.
Recommended books: 1. Gulak GM, Grin AK, Melnik SV Methodology of information protection: a textbook. - Kyiv: Publishing House of the Security Service of Ukraine, 2015. - 251 p. 2. ND TZI 1.1-003-99, "Terminology in the field of protection of information in computer systems from unauthorized access", - 30 p. 3. Bogush VM, Information Security of the state. - K.: "MK-Press", 2005. - 432 p. 4. Tsimbalyuk VS Information law (theory and practice). Monograph. - K.: 2009. - 364 p. 5. Information and cybersecurity: socio-technical aspect: textbook / [V. L. Buryachok, V. B. Tolubko, V. O. Khoroshko, S. V. Tolyup]; under the general editorship of Dr. Tech. Sciences, Professor V. B. Tolubko. - K.: DUT, 2015. - 288 p. 6. Kobozeva AA, Machalin IO, Khoroshko VO, Analysis of information systems security. Textbook. - K.: DUICT Publishing, 2010. - 316 p.