Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Macquarie University

Cyber Security: Digital Forensics

Macquarie University via Coursera

Go to class Write review

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Digital Forensics: Investigate. Recover. Protect. This course equips law enforcement professionals, IT analysts, cyber security specialists, and aspiring digital investigators with practical skills to extract and analyze critical evidence from digital systems. You will gain proficiency in the full forensic lifecycle, from identifying and preserving digital evidence to analyzing systems and preparing court-admissible findings. Developed by the Cyber Skills Academy at Macquarie University, a recognized cyber security school, this course is co-designed with industry experts. You will learn to: • Conduct digital investigations using defensible methods. • Recover files from Windows, Linux, and MacOS file systems. • Use forensic software tools for data acquisition and validation. • Capture and analyze volatile data from RAM and network traffic. • Extract evidence from mobile and IoT devices. • Navigate legal, ethical, and procedural standards in investigations. To succeed, learners should have basic computer literacy and familiarity with operating systems. This program prepares you to uncover digital truth and protect what matters.

Syllabus

  • Introduction to Digital Forensics Processes
    • Digital forensics is a cornerstone of modern cyber investigations. This topic provides a foundational understanding of the digital forensics process, from identifying and preserving digital evidence to analyzing it systematically and presenting findings with integrity. You will explore categories of computer investigations, understand legal and ethical considerations shaping forensic practices, and learn to apply methodical, reproducible techniques to uncover digital truth. This topic prepares you for conducting forensic analysis with rigor, responsibility, and precision in corporate breaches or criminal cases.
  • Data Acquisitions and Processing Crime and Incident Scenes
    • Effective digital forensics begins with capturing data correctly. This topic covers acquiring and preserving digital evidence, whether in the field, on-site, or remotely, while maintaining forensic integrity. You will learn to determine appropriate data acquisition methods, develop strong contingency plans, and operate key forensic tools to validate and safeguard collected evidence. The topic also covers techniques cybercriminals use to hide data, and how specialists detect and counteract these strategies. This combines technical precision with investigative insight.
  • Computer Forensics Tools for Recovery Files from Storage Media
    • A powerful toolkit supports every successful digital investigation. This topic covers the key software tools used in computer forensics to locate, extract, and recover evidence from various storage media. You will learn to evaluate and validate forensic tools based on reliability, speed, and investigative needs. Special focus is given to graphics file recovery, including strategies for identifying image formats, reconstructing files from raw data, and handling fragmented file recovery when metadata is missing. This topic sharpens your ability to choose the right tools and apply them with precision in complex investigations.
  • File System Forensics (Windows, Linux, MacOS)
    • File systems are rich sources of digital evidence. This topic shows how Windows, Linux, and MacOS file systems store, encrypt, and obscure data, and how forensic investigators extract insights. You will examine the structure and functionality of various file systems, analyze Windows Registry to uncover user activity, and address challenges like full-disk encryption and password-protected startup environments. From boot sequences to hidden artifacts, this topic provides skills to uncover what lies beneath digital storage.
  • Live Forensics Investigating RAM and Network Traffic for Evidence
    • When time is critical and data is volatile, live forensics is vital. This topic focuses on how to capture real-time evidence from active systems, including RAM, network traffic, and transient processes, before they disappear. You will learn to perform live acquisitions using specialist tools, understand when and how to apply live forensics techniques, and explore the risks, side effects, and legal considerations involved. Additionally, you will gain experience with network forensics methodologies, from identifying intrusions and unauthorized access to monitoring network traffic with minimal disruption. This combines digital forensics with urgent incident response.
  • Mobile Device Forensics
    • Mobile devices hold a wealth of digital evidence, from app activity and location data to communications and network usage. This topic covers mobile forensics, equipping you with skills to extract, preserve, and analyze data from smartphones, tablets, and IoT devices. You will learn industry-standard data acquisition techniques, how to reconstruct a suspect’s activity profile, and the unique challenges posed by modern mobile ecosystems, including encryption, proprietary systems, and distributed data across networks. Whether investigating fraud, cybercrime, or insider threats, this topic prepares you to follow the digital trail through mobile and smart technologies.

Taught by

Matt Bushby

Tags

Reviews

4.2 rating at Coursera based on 14 ratings

Start your review of Cyber Security: Digital Forensics

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.