| Code |
17952
|
| Year |
1
|
| Semester |
S2
|
| ECTS Credits |
6
|
| Workload |
PL(30H)/T(30H)
|
| Scientific area |
Informatics
|
|
Entry requirements |
N/A
|
|
Learning outcomes |
The course unit aims to study and analyze the processes involved in the planning, execution, and reporting of audits to information systems, as well as procedures for evidence collection, tracing, recovery, and data analysis in a digital forensics context. Students are expected to understand the strategies, requirements, and procedures associated with audits and forensic analysis, including the applicable standards, legislation, and ethical considerations. In terms of competencies, students should be able to: design, implement, and conduct audits of information systems, covering network, software, and vulnerability analysis aspects; analyze malware through static code analysis and behavioral analysis in a sandbox environment; understand incident response procedures; understand methodologies and best practices for digital evidence collection and forensic analysis; and be familiar with information-hiding techniques and steganography methods.
|
|
Syllabus |
1.Audit process, ethics, legislation, and regulation
2.Network auditing
3.Vulnerability analysis
4.Software auditing
5.Collection of artifacts, files, and metadata
6.Malware analysis and sandboxing
7.Incident response and reporting
8.Digital evidence and data acquisition
9.Reconstruction of timelines, actions, and hidden information
10.Information-hiding and steganography techniques
|
|
Main Bibliography |
IT Auditing Using Controls to Protect Information Assets, Mike Kegerreis,Mike Schiller, Chris Davis. McGraw Hill editors, 3rd edition,2019.
Digital Forensics and Incident Response: Incident response Techniques and Procedures to Respond to Modern Cyber Threats,Gerard Johansen, Packt, 2nd edition,2020.
Ethical Hacking and Penetration Testing Guide, Rafay Baloch, Taylor & Francis, 1stedition, 2017.
NIST Special Publication 800-115, Technical Guide to Information Security Testing and Assessment, National Institute of Standards and Technology, 2008
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities, Mark Dowd, John McDonald, Justin Schuh, Addison-Wesley Professional, 1 edition, pp. 1200, 2006.
Segurança em Redes Informáticas, André Zúquete, FCA -Editora de Informática, 6ª Ed. (actualizada e aumentada), 2021.
|
|
Teaching Methodologies and Assessment Criteria |
The course unit assessment consists of three components:
A knowledge assessment test, accounting for 30% of the final grade;
A practical group project, including an execution report and presentation with defense, accounting for 40% of the final grade;
Technical exercises and challenges carried out during practical classes, accounting for 30% of the final grade.
The in-class assessment exercises include the analysis of realistic scenarios, the use of tools and techniques for auditing and forensic analysis, as well as the examination of examples and artifacts for exploration.
The proposed group projects are designed to enable students to develop their technical competencies in auditing and forensic analysis processes.
|
|
Language |
Portuguese. Tutorial support is available in English.
|