The primary objective of the grant is to develop six (6) courses leading to an Associate of Science degree specializing in Digital Forensics and Incident Response.
In order to achieve the primary objective, the project intends to research other similar projects and programs to adapt and adopt from other models. The project team will also confer with professionals working in industry and government roles to ensure that the course content meets industry needs.
Similar projects and programs include Union County College’s Cyber Service! Interdisciplinary & Experiential Education for Cyber Forensics Technicians, Daytona State College’s Southeastern Advanced Cybersecurity Education Consortium, and Ivy Tech Community College’s Adaptation and Implementation of a Cybersecurity and Cyberforensics Curriculum in a Two-Year Community College. These projects and programs will be reviewed for strengths and opportunities to adapt and adopt for the new DFIR program at Coastline College.
Cybersecurity frameworks and models will be used to ensure a variety of input is considered. Three models have been selected for review and mapping to develop the DFIR program, the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (CSWF), CyberSeek, and SANS Institute. The knowledge, skills, abilities, and tasks of the NICE CSWF for work roles in Cyber Defense Incident Responder and Cyber Defense Forensics Analyst were selected to align with the work roles targeted for the DFIR program. The pathways for work roles of Cyber Crime Analyst Investigator and Incident Analyst Responder were selected for review from CyberSeek. And, lastly, the SANS Institute GIAC Certifications for Forensic Examiner and Incident Handler were reviewed.
An advisory board comprised of professionals with a broad range of work experience in digital forensics and incident response will provide strategic advice to Coastline College faculty for the development of curriculum for the DFIR program.
Principal Investigator
Professor Tobi West, CISSP, GCFE
CIS/CST/DGA Department Chair
714-714-7244
twest@coastline.edu
12901 Euclid St
Garden Grove, CA 92840
|
Award Name |
Description |
|
Associate of Science in Digital Forensics and Incident Response |
The Associate of Science in Digital Forensics and Incident Response will provide students with a solid foundation in the field of cybersecurity with specialization in cyber defense techniques. The program is designed to prepare students for entry-level cyber CYBR C150 OR CST C245 Intro to Digital Forensics CYBR C160 Intro to Incident Response CYBR C170 Cybercrime and CSIRT Coordination CYBR C250 Intermediate Digital Forensics CYBR C260 Intermediate Incident Response CYBR C280 Advanced DFIR Capstone |
|
Certificate of Achievement in Digital Forensics and Incident Response |
The Certificate of Achievement in Digital Forensics and Incident Response will provide students with a solid foundation in the field of cybersecurity with specialization in cyber defense techniques. The program is designed to prepare students for entry-level cyber jobs or to help them advance into mid-level cyber careers, such as cybercrime analyst, cyber incident analyst, cyber incident responder, digital forensic examiner, digital forensic technician, and vulnerability tester. Topics covered include planning and scoping a cyber incident, domestic and international cyber laws, ethics, chain of custody, incident detection and analysis, anti-forensic techniques, timeline analysis, incident containment, eradication, recovery, report preparation, and expert testimony. The program includes hands-on and technical writing assignments to help students develop their skills for the cybersecurity workforce. CYBR C150 OR CST C245 Intro to Digital Forensics CYBR C160 Intro to Incident Response CYBR C170 Cybercrime and CSIRT Coordination CYBR C250 Intermediate Digital Forensics CYBR C260 Intermediate Incident Response CYBR C280 Advanced DFIR Capstone |
With a three year grant funding period, the project will run October 1, 2019 through September 30, 2021. Major milestone activities for the project include curriculum development, course content development, and hands-on lab assignment development. The project’s Principal Investigator, Tobi West, will report annually, at the end of each budget period, to the assigned Program Manager at the National Science Foundation.
|
Course # |
Course Name |
Description |
|
CYBR 150 OR |
Introduction to Digital Forensics |
Students will explore an introduction to digital forensics using open source applications. Topics covered include chain of custody, forensic acquisition of data, forensic evidence reporting, expert witness testimony, timeline analysis, and anti-forensic techniques. Hands-on assignments will be used to develop introductory technical skills relevant to entry-level cybersecurity professionals. This course is intended for students with computer experience and an interest in cyber defense for private organizations or government law enforcement. Careers and emerging trends in the field of cybersecurity will be evaluated. |
|
CYBR C160 |
Introduction to Incident Response |
Students will explore an introduction to cyber incident response using industry-recognized tools. Topics covered include incident response case studies, incident response tools used in industry, advanced persistent threats, documentation and technical reporting, timeline analysis, case management, and hunting, gathering, and foraging for cyber threats. Hands-on assignments will be used to help students develop introductory technical skills relevant to entry-level cybersecurity professionals. This course is intended for students with computer experience and an interest in cyber defense for private organizations or government law enforcement. Careers and emerging trends in the field of cybersecurity will be evaluated. |
|
CYBR C170 |
Cybercrime and CSIRT Coordination |
Students will explore an introduction to laws relevant to cybercrime and the roles of the Cyber Security Incident Response Team (CSIRT). Topics covered include international, federal, and state laws relevant to cybercrime, an overview of the U.S. court system and jurisdictions, CSIRT coordination within the team and with stakeholders internal to the organization, ethics pertaining to cyber professionals, project management, technical writing, countermeasures, and compliance. This course is intended for students with an interest in cyber defense for private organizations or government law enforcement. Careers and emerging trends in the field of cybersecurity will be evaluated. |
|
CYBR C250 |
Intermediate Digital Forensics |
Students will explore digital forensic techniques using industry-recognized tools. Topics covered include an introduction to network forensics and mobile device forensics, investigative and extraction tools, live acquisition data, evidence reporting, time-stomping and anti-forensic techniques, and the significance of time zones for forensic case analysis. Hands-on assignments will be used to develop technical skills relevant to entry-level cybersecurity professionals. This course is intended for students with computer experience and an interest in cyber defense for private organizations or government law enforcement. Careers and emerging trends in the field of cybersecurity will be evaluated. |
|
CYBR C260 |
Intermediate Incident Response |
Students will explore incident response techniques using industry-recognized tools. Topics |
|
CYBR C280 |
Advanced Digital Forensics & Incident Response Capstone |
Students will explore advanced digital forensics and incident response techniques using industry-recognized tools. Hands-on projects will be used to demonstrate technical skills relevant to entry-level cybersecurity professionals. Students will analyze a simulated case and report findings through technical documents and presentation. This course is intended for students with computer experience and an interest in cyber defense for private organizations or government law enforcement. Careers and emerging trends in the field of cybersecurity will be evaluated. |
The DFIR program courses and awards will be offered under the new Cybersecurity subject code designated as CYBR on Coastline College’s searchable schedule. Students interested in the program can begin taking CST C245 Computer Forensics in the spring 2020 semester and additional courses will be offered in the fall 2020 semester. The awards are anticipated to be offered as early as fall 2020.
|
Year |
Date Range |
Anticipated Activities |
|
1 |
Oct 1, 2018 – Sep 30, 2019 |
|
|
2 |
Oct 1, 2019 – Sep 30, 2020 |
|
|
3 |
Oct 1, 2020 – Sep 30, 2021 |
|
