Digital Forensic Course Prep – Champlain College

Jon Rajewski computer forensics, curriculum

One of the best parts of being a professor is preparing courses before the semester begins. It’s a time to reflect on the last time you taught the course and make improvements/enhancements in the content. One of the fun projects I did last year was scoped an analysis (and created evidence) surrounding the Wikileaks case. Here was the project scope:

You are tasked with investigating a military computer system that has been alleged to be apart of the recent classified information disclosure to the infamous Wikileaks website. The computer system you’re examining was permitted to have classified information and you can determine if a file was classified by following the below:
·         Confidential files have [CO] in the file name
·         Secret files have [SC] in the file name
Your Scope:
The users accessing this system had no expectation of privacy. Your expected deliverables are:    
1)     Determine if any classified files were sent/saved/distributed to any other digital device
2)     Determine if any user on this computer communicated/researched regarding how to distribute/share/obtain the information on the leaked information described on the Wikileaks website
3)     Provide a recommendation for other data sources / suspects / email accounts /aliases to consider in this investigation

Students had to examine evidence and provide a comprehensive report. The best part was trying to get students to take their analysis to the next level, that is, beyond what was taught in the course. As digital forensic examiners, we will always encounter something new and we need to be ready/prepared to figure things out. I was pleased to see some of the students do this — and even more pleased to hear that some of those Juniors had amazing internships this summer and most of them already have job offers — before they even entered their Senior year.

This term in Operating System Forensics we will be spending a lot of time examining a few digital devices we’ve been building and “crafting” for the past 6 months. It’s key for a digital forensic professor teach both theory and practice and there is no better way, in my opinion than to build custom assessments for each class so students are not only engaged, but excited to learn.

Needless to say, I’m excited to start teaching on Monday 🙂