Mobile device forensics is a branch of digital forensics relating to recovery of digital evidence or data from a mobile device under forensically sound conditions. The scope of devices can include mobile phones and any digital device that has both internal memory and communication ability such including PDA and GPS devices and tablet computers. This course focuses on the forensic study of mobile devices due to the rapid proliferation of smartphones and applications such as contacts, photos, calendars and notes, SMS and MMS messages, video, email, web browsing information, location information, and social networking. This increased usage has also seen a marked increase in cybercrime involving smartphones. Students will learn how to perform the forensic examination of mobile devices using the most advanced tools available. Note: Students are required to purchase a mobile device specifically to fulfill course lab requirements.
- Understand and be able to articulate the Risk Management process, including the need for identification of threats, vulnerabilities, and safeguards, and for testing the effectiveness of those safeguards.
- Understand the need for effective Information Technology Risk Management policy, standards, guidance, and procedures within organizations, today.
- Understand the need, uses, and content of a System Security Plan and Risk Assessment within the quantitative and qualitative analysis paradigms.
- Given an organizational scenario, be able to develop a detailed Risk Assessment.
- Given an organizational scenario, identify security policy and enforcement needs and be able to develop those needs into policy or procedures.
- Be able to create and execute effective questions and scenario processes for testing to determine the effectiveness of security controls related to the confidentiality, integrity, and availability of system/network assets in support of risk management.
- Given a series of identified network security safeguards, be able to devise effective and comprehensive Security Test and Evaluation tests.
- Given a series of network vulnerabilities, determine and justify application of cost-effective countermeasures.
- Given a network scenario be able to identify and argue the best long-term contingency planning solution.
- Given an organizational network scenario, be able to design an effective disaster recovery and testing process.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.