MN624 Digital Forensics

Unit Overview

Credit Points:Prerequisite:Co-requisite:Workload:
20.00MN623 Cyber Security and AnalyticsN/A60 contact hours

Aims & Objectives

This is a core unit out of a total of 12 units in the Master of Networking (MNet). This unit addresses the MNet course learning outcomes and complements other courses in a related field by developing students’ specialised knowledge of forensic analysis of a digital storage device, discovery and intrusion investigation on exfiltrate data.

This unit is part of the AQF level 9 (MNet) course.

Students will be able to develop an in‐depth understanding of digital forensics principles as well as the tools and configurations available. Students will also be able to perform ethical hacking and vulnerability testing on enterprise systems with demonstrated knowledge of network vulnerabilities and security protocols.

This unit will cover the following topics:

  • the security threats facing modern network infrastructures
  • implementation of forensic analysis on network devices
  • administration of effective security policies in social media
  • penetration and intrusion testing (red teaming)
  • collection of forensics materials for specialist analysis
  • Legal, ethical, and professional issues in information security
  • Information security architecture planning and ICT governance

Learning Outcomes

At the completion of this unit students should be able to:

  1. Apply socio‐technical contexts in analysing the digital forensic evidences
  2. Record, administer and document digital forensics in social media
  3. Investigate the nature and extent of a network intrusion
  4. Demonstrate competence in applying industry‐standard forensic analysis techniques
  5. Implement forensically sound digital security practices in industry with the limits of relevant governance policies, laws and standards

Teaching Method

Lecture: 2 hours
Laboratory: 2 hours
Tutorial: 1 hours
Face to Face


Assessment TaskLearning Outcomes Assessed*Weighting
Mid term testa10%
Assignment 1b15%
Assignment 2c-d15%
Laboratory participation & submissiona-e10%
Final Examination (2 hours)a-e50%
Total 100%

*refer to learning outcomes above.


Note: Students are required to purchase the prescribed text book and have it available each week in class.

Prescribed Text Book:

B. Nelson, A. Phillips, C. Steuart, Guide to Computer Forensics and Investigations, Cengage Learning, 5th Ed., 2018

Reference Reading

  • C. Chio, D. Freeman, Machine Learning and Security: Protecting Systems with Data and Algorithms, O’Reilly Media Inc., 1st Ed., 2018.
  • M. E. Whitman, H. J. Mattord, Principles of Information Security, Cengage, 6th Ed., 2018
  • A. Basta, N. Basta, M. Brown, Computer Security and Penetration Testing, Cengage, 2nd Ed., 2014
  • J. M. Kizza, Computer Network Security and Cyber Ethics, 4th ed., McFarland, 2014
  • M. Manjikian, Cybersecurity Ethics: An Introduction, Routledge, Oxon, 2018
  • K. J. Jones, R. Bejtlich and C. W. Rose, Real Digital Forensics, Pearson Education, Addison‐Wesley, USA, 2009
  • B. Carrier, File System Forensic Analysis, Addison‐Wesley Professional, USA, 2007
  • E. Casey, Digital Evidence and Computer Crime, 3rd Ed., Elsevier, Academic Press, USA, 2011

Adopted Reference Style: IEEE

MIT is committed to ensure the course is current, practical and relevant so that graduates are “work ready” and equipped for life-long learning. In order to accomplish this, the MIT Graduate Attributes identify the required knowledge, skills and attributes that prepare students for the industry.
The level to which Graduate Attributes covered in this unit are as follows:

Ability to communicateIndependent and Lifelong LearningEthicsAnalytical and Problem Solving Cultural and Global AwarenessTeam workSpecialist knowledge of a field of study



Colour codingExtent covered
 The standard is covered by theory and practice, and addressed by assessed activities in which the students always play an active role, e.g. workshops, lab submissions, assignments, demonstrations, tests, examinations
 The standard is covered by theory or practice, and addressed by assessed activities in which the students mostly play an active role, e.g. discussions, reading, intepreting documents, tests, examinations
 The standard is discussed in theory or practice; it is addressed by assessed activities in which the students may play an active role, e.g. lectures and discussions, reading, interpretation, workshops, presentations 
 The standard is presented as a side issue in theory or practice; it is not specifically assessed, but it is addressed by  activities such as lectures or tutorials
The standard is not considered, there is no theory or practice or activities associated with this standard