Does not apply.

Course Objectives - To provide a comprehensive understanding of the foundations, methodologies, and procedures of digital forensic analysis. - To familiarize students with the forensic laboratory environment, specialized tools, and best practices for the acquisition, analysis, and preservation of digital evidence. - To develop students¿ skills in using specific tools for forensic analysis across various environments, including file systems, memory, networks, mobile devices, and the Internet. - To raise awareness of anti-forensic techniques and the importance of integrity and quality throughout the forensic process. - To equip students with the ability to write forensic reports that may serve as valid evidence in legal or disciplinary proceedings. Learning Outcomes Upon successful completion of the course, students will be able to: - Define and explain the fundamental concepts of digital forensic analysis and its relevance to cybersecurity and information systems management. - Identify and apply appropriate policies and procedures within a forensic laboratory setting. - Use forensic tools to accurately acquire, preserve, analyze, and interpret digital evidence in accordance with legal standards. - Conduct forensic analyses on various types of media and environments, including file systems, RAM, network traffic, online services, and mobile devices. - Detect and evaluate anti-forensic techniques that may compromise the integrity of evidence. - Produce clear, comprehensive, and legally sound forensic technical reports suitable for judicial or administrative contexts. - Understand the importance of quality assurance, traceability, and the chain of custody throughout the forensic investigation process.

Forensic analysis of information systems: 1. Introduction to forensic analysis 1.1. What is it? 1.2. Case examples 1.3. Key concepts 2. Forensic analysis lab 2.1. Lab description 2.2. Policies and procedures 2.3. Quality assurance 2.4. Tools 2.5. Evidences: gathering, analysis and custody 2.6. Forensic report 3. Forensics analysis tools 3.1. Forensic analysis of file systems 3.2. Forensic analysis of memory 3.3. Forensic analysis in computer networks 3.4. Forensic analysis related to Internet and e-mail 3.5. Forensic analysis of mobile devices 3.6. Anti-forensics tools and techniques

Learning activities: Theoretical lectures Practical lectures Mixed theoretical and practical lectures Laboratory practices Tutoring sessions Teamwork Individual work by the student In this subject, concepts will be applied live during the sessions. For this purpose, a set of exercises will be taken as a basis for each session. Students will have to develop several practical cases of forensic analysis. As part of their work, students may have to perform a critical analysis of other students' forensic reports. Particularly, the methodology is based on: - MD1. Lectures using computers in which key concepts are introduced and bibliography is pointed out. - MD2. Critical analysis of readings (articles in press, reports, manuals, papers, etc.) suggested by teachers. This may be used for a further discussion or to consolidate concepts. - MD3. Practical case and problems resolution, individually or in groups. - MD4. Presentation or discussion of related topics and practical cases. - MD5. Development of tasks and reports, individually or in groups.