Skip to main content

Computer Forensics Minor

About The Program

This minor program is a 24-credit program that prepares students with knowledge in computer forensics, digital incident investigation, cyberspace ethics, and computer laws.

Student outcomes

  • Knows how to collect evidence so that malicious acts can be discovered and recovered.
  • Knows how to preserve evidence so that it reflects all the pertinent information on the subject device when it was collected.
  • Is familiar with the computer security policies, electronic investigation procedures, cyber activity regulations, national and international digital transaction standards, and computer and information laws.

How to enroll

Current students: Declare this program

Once you’re admitted as an undergraduate student and have met any further admission requirements your chosen program may have, you may declare a major or declare an optional minor.

Future students: Apply now

Apply to Metropolitan State: Start the journey toward your Computer Forensics Minor now. Learn about the steps to enroll or, if you have questions about what Metropolitan State can offer you, request information, visit campus or chat with an admissions counselor.

Get started on your Computer Forensics Minor

Program eligibility requirements

To be eligible for acceptance to the Computer Forensics minor, students must submit a College of Sciences Undergraduate Program Declaration Form when the following requirements are met:

  • Currently enrolled in the university with a specific major program
  • 30 earned college credits with a GPA of 2.5 or better

All required and elective courses must be completed with a grade of C- or above. Transfer coursework equivalency is determined by the Computer Science and Cybersecurity Department.

Courses and Requirements

SKIP TO COURSE REQUIREMENTS

Each student must complete 24 credits in the minor including at least 12 upper division credits and at least 10 credits from Metropolitan State University. Students are allowed to have up to 8 credits overlapped with their current or previously completed majors or minors. Please work with your academic advisor to assure both your major and minor requirements are met when planning out your course load every semester toward graduation. All required and elective courses must be completed with a grade of C- or above. For further details on prerequisites, reference the General Guidelines section below.

Minor Requirements (24 credits)

+ Core (16 credits)
Computing Fundamentals (4 credits)

Choose one.

Computer forensics involves the activities in collecting, processing, preserving, analyzing and presenting computer-related evidence in court for criminal prosecutions or civil litigations. In this course, students will be exposed to those computer forensic activities through lectures, case studies, hands-on labs, and individual and group projects. Students will study the fundamental concepts and learn essential artifacts of computer operation, internet control, digital evidence collection, and computer crime investigation, and be able to recognize as well as understand how a computer related crime or incident is prosecuted or litigated in order to have a comprehensive view of the field of Computer Forensics. This course is designed for the first year of the students majoring in Computer Forensics or the students who are interested in knowing what Computer Forensics is about.

Full course description for Computer Forensics Fundamentals

This course introduces fundamental concepts in computer programming and the development of computer programs to solve problems across various application domains. Topics include number systems, Boolean algebra, variables, decision-making and iterative structures, lists, file manipulation, and problem deconstruction via modular design approaches. Lab work and homework assignments involving programming using a language such as Python form an integral part of the course.

Full course description for Computational Thinking with Programming

This course is designed to provide a fast-paced exposure to the C programming language for students majoring in a computer-related discipline. The following topics are briefly reviewed using C syntax: looping, selection, variables, scope rules, functions and pass-by-value arguments. New topics include pass-by-address arguments, formatted and unformatted I/O, user defined types (enum, struct, union), preprocessing directives, file handling, pointers, pointer arithmetic, string manipulation and selected library functions.

Full course description for C Programming

Computer and Operating Systems (8 credits)

This course covers the fundamental concepts of a single user operating system. The topics discussed in the course are the basic concepts of computer organization and architecture, memory management, process handling, disk and file management and control, and peripherals operation. Students also have the opportunities to learn the techniques and procedures of system installation, configuration, administration, and trouble shooting. The operating systems illustrated in the course are MS Windows and/or Mac OS X.

Full course description for Computer and Operating Systems Fundamentals I

This course covers the fundamental concepts of a multi-user operating system. The topics discussed in the course are conventional computer organization and architecture, memory management, process handling, disk and file management and control, and peripherals operation. Students also have the opportunities to learn the techniques and procedures of system installation, configuration, administration, and trouble shooting. The operating systems illustrated in the course are Linux and Unix.

Full course description for Computer and Operating Systems Fundamentals II

Computer Forensics (4 credits)

In this course, students learn the fundamental principles and concepts in computer forensics. The topics include the classification of the digital evidence, the procedure of discovering and preserving evidence, types of computer and Internet crimes, and analysis of computer crime statistics and demographics. Students also learn how to search and retrieve information to find the evidence using some common tools. Related legal procedures, regulations, and laws are also discussed briefly.

Full course description for Introduction to Computer Forensics

+ Electives (8 credits)
Category I: Computer Forensics and Security (4 credits)

Choose one

In this course students learn the fundamental principles and concepts of electronic discovery including the collection, preservation, filtering, processing, review, and production of electronically stored information such as email messages, word processing documents, spreadsheets, and other computer files. Students also learn the relationship between digital evidence analysis and electronic discovery and its role in civil litigation, government regulatory proceedings, and internal corporate investigations. Unique issues involving electronic discovery that arise in international contexts are also addressed.

Full course description for Electronic Discovery I

In this course, students continue not only to learn how to identify and collect digital evidence through forensics search tools, but also to study the emerging data mining techniques. The topics include how to design a plan for a computer crime investigation; how to select a computer software tool to perform the investigation; how to articulate the laws applying to the appropriation of computers for forensics analysis; how to verify the integrity of the evidence being obtained; how to prepare the evidence collected for the use in the court; and how to present the evidence as an expert eyewitness in court. Some hypothetical and real cases are also discussed in class.

Full course description for Digital Evidence Analysis

In this course students learn advanced topics and concepts of electronic discovery, such as the Electronic Discovery Reference Model, Information Governance, Technology Assisted Review, Predictive Coding, electronic discovery of cloud data, electronic discovery of social media data, electronic discovery of mobile device data and instant messages, as well as the use of software technology in electronic discovery. The course will also compare and contrast international electronic discovery issues in a global context, including common law countries and codified civil law countries.

Full course description for Electronic Discovery II

This course takes a hands-on approach to provide students with foundational concepts and practical skills in Mobile Device Forensics, which can be leveraged to perform forensically sound investigations against crimes involving the most complex mobile devices currently available in the market. Using modern tools and techniques, students will learn how to conduct a structured investigation process to determine the nature of the crime and to produce results that are useful in criminal proceedings. The course will provide walkthrough on various phases of the mobile forensics process for both Android and iOS based devices including forensically extracting, collecting, and analyzing, data and producing and disseminating reports. The course modules and labs will involve certain specialized hardware and software to perform data acquisition (including deleted data), and the analysis of extracted information.

Full course description for Mobile Device Security and Forensics

This course introduces principles of computer security with integrated hands-on labs. The course prepares students to effectively protect information assets by providing fundamental details about security threats, vulnerabilities, and their countermeasures ranging from a simple computer to enterprise computing. Topics include broad range of today's security challenges, common security threats and countermeasures, security management, access control mechanisms, applied cryptography, privacy issues, computer ethics, file system security, and network security. Overlap: ICS 382 Computer Security

Full course description for Computer Security

Networks are the backbone of information technology operations within an enterprise and are responsible for a significant portion of an organization's security posture. Cybersecurity professionals are often tasked with securing network operations and responding to network threats which demonstrates the importance to networking knowledge in the cybersecurity industry. As a cybersecurity practitioner, it is imperative that there is an understanding of network operations, protocols, and administration practices. This course focuses on developing skills and taking a deep dive into networking protocols including TCP, UDP, ICMP, and IP, network design and architecture, network administration automation, network analysis, and network protocol and design impacts on security and defense measures. Overlap: ICS 383 Networking Protocols and Analysis

Full course description for Networking Protocols and Analysis

Medical devices vary in their intended use, regulatory classification, and associated risk. There is a rapid and widespread growth of technological innovation, connectedness, and complexity of medical devices that improves healthcare and the treatment of patients but also poses a high level of unique challenges and rapidly increasing cybersecurity risks. This course introduces students to the unique challenges, scenarios, and solutions related to cybersecurity in medical devices. Case studies, technical labs, and other course activities and assignments will provide students with situational awareness and unique cybersecurity skills for medical devices. Additional topics related to medical device security include, but are not limited to, regulation and guidance, emerging technology, data protection, and emerging threats

Full course description for Cybersecurity for Medical Devices

To properly secure any organization's information infrastructure and assets, a periodic assessment of its security posture at various levels of the organization is essential. One key area is the direct assessment of vulnerabilities in the IT infrastructure, systems and applications, followed by targeting and exploitation of the same. This course covers the theoretical bases for cyber threats and vulnerabilities, and delves into selection and application of penetration testing methodologies ranging from reconnaissance to the exploitation of vulnerabilities by probing infrastructure, services and applications. The course places a strong emphasis on the use of these methodologies to demonstrate, document, report on, and provide a clear roadmap for remediation of exposed security issues.

Full course description for Vulnerability Assessment and Penetration Testing

As cyber breaches and intrusions continue to increase, enterprises are now looking to hire professionals who can identify and respond to breaches and incidents before they have adverse impacts on information systems and data networks. This course provides an in-depth coverage of applying Digital Forensics and Incident Response methodologies and frameworks to address and manage the aftermath of security breaches or incidents with the goal of limiting the damages and reducing the recovery time and costs. The student will be able to identify, contain, eradicate and recover from an attack in an enterprise network. Topics include identifying threat actors and security breaches, analyzing artifacts and logs, restoring back the system, performing postmortem analysis, and implementing and/or modifying mitigating techniques. Overlap ICS 487

Full course description for Cyber Incident Response and Handling

Malware infections have reached epidemic proportions with over 600 million types of infection reported to date. Traditional antivirus techniques are not sufficient to stem the tide. This course will introduce students to the fundamentals of malware analysis techniques which will allow them to recognize, analyze and remediate infections. Basic static analysis techniques using antivirus scanning, hashing, string searching and other automated analysis tools will be reviewed. Dynamic approaches using system and network monitoring will be employed to detect snooping and attempts to exfiltrate data. Students will set up virtual workspaces, download tools and malware and analyze software in a secure environment. Reverse engineering will be introduced. Overlap: ICS 486.

Full course description for Malware Analysis

Covers concepts and methods in the definition, creation and management of databases. Emphasis is placed on usage of appropriate methods and tools to design and implement databases to meet identified business needs. Topics include conceptual, logical and physical database design theories and techniques, such as use of Entity Relationship diagrams, query tools and SQL; responsibilities of data and database administrators; database integrity, security and privacy; and current and emerging trends. Use of database management systems such as MySQL. Coverage of HCI (Human Computer Interaction) topics and development of front ends to databases with application of HCI principles to provide a high level usability experience. Overlap: ICS 311T Database Management Systems.

Full course description for Database Management Systems

This course focuses on how to design and establish information services over the Internet from the server side. Topics include advanced concepts and issues on Internet architecture, server-side design strategies, current technologies and Internet security. Through labs and programming projects, students learn how to use current scripting and markup languages to build nontrivial state-of-the-art applications.

Full course description for Internet Application Development

Category II: Law and Legal System (4 credits)

Choose one

In this course, students will learn the law relating to computer software, hardware, and the Internet. The areas of the law include intellectual property, cyberspace privacy, copyright, software licensing, hardware patent, and antitrust laws. Legislation and public policies on cyberspace technology, cryptographic method export controls, essential infrastructure protection and economic development are also discussed in class.

Full course description for Computer Laws

This course provides a conceptual framework to stress the responsibility of accountant, auditor and manager for the design, operation and control of the accounting information system and the needs of information users within an organization. Traditional accounting transaction cycles are organized around events-based information technology. Students learn how the accounting information system records, classifies and aggregates economic events.

Full course description for Accounting Information Systems

This course reviews the purposes, philosophies and organization of the U.S. legal system. It provides an intensive study of the law which governs contracts for services, real estate, employment, insurance, trademark, patents and copyrights. Topics covered include legally binding contract requirements (offer and acceptance, legality of subject matter, capacity of parties and contractual consideration); circumstances which require a contract to be in writing; defenses for avoiding contractual liability; and legal remedies for breach of contract. It also focuses on the articles of the Uniform Commercial Code (UCC), which govern the rights and obligations of parties to transactions involving the sale of goods (Article II), commercial paper such as checks, notes and drafts (Article II), and financing arrangements in which one party gives another a security interest in property (Article IX) and the effects of federal bankruptcy laws on these transactions.

Full course description for Business Law: UCC and Contracts

The behavior of organizations and people in organizations is influenced in a variety of ways by the Constitution, state and federal legislation, regulations by all levels of government, by judicial opinions and by ethical considerations. This course explores selected aspects of the legal environment, including antitrust and fair trade laws, the law of contracts, laws and regulations concerning the workplace and workplace behavior, environmental protections, and ethical standards. Issues relating to franchising and trading in securities are also addressed within the context of the law and ethics.

Full course description for Legal Environment of Organizations

This course is designed to expand students' understanding of the roles of criminal court at the federal, state, and local levels. As the intermediate step between law enforcement and corrections, courts are an integral part of the criminal justice system. The course will explore the power and limitations of the judicial branch of government with regard to its role in the criminal justice system, as well as learn about the roles of various court professionals and develop a detailed understanding of the court process.

Full course description for The Criminal Court System

This course explores the past, current and future trends in security management. The basic concepts, tools and practices that comprise security management are examined. Students learn how to identify and minimize risk in a private setting. They also learn the basics of physical security and access control as well as how to identify potential liability in the security field. In addition, this course examines various career opportunities in security management.

Full course description for Introduction to Security Management

This course focuses on theories, concepts, narratives, and myths of crime and delinquent behavior. Contemporary issues and controversies within the criminal justice field are explored in social, political, and economic contexts. Special emphasis is placed on the roles of race, class, gender, and culture in relation to the etiology, prevention, control, and treatment of crime and delinquency. This course is committed to general theoretical debate, examination of the interrelation between criminological theory and research, and empirical analyses of policy and practice.

Full course description for Criminology and Public Policy

This course explores the emergence and manifestation of terror and terrorism from a range of historical, political, sociological and cultural perspectives. It further explores the interpretation of, and response to, contemporary manifestations of terror and terrorism, global and domestic. Emphasizing the diverse and contested nature of terror as both concept and practice, a number of case studies are highlighted to explore the complex connections between order, power, authority, security, and terror. The organizational forms and objectives of terrorist organizations, and the range of strategies available in response to the demands and challenges posed by global terror and a growing variety of domestic terrorist groups and individuals are also considered.

Full course description for Terrorism and Counterterrorism

This course examines the operation of criminal justice organizations and provides students with a conceptual foundation to explore the workings of the criminal justice system. Emphasis is placed on understanding internal and external influences on the operations of criminal justice agencies including the people, practices and events that shape criminal justice administration.

Full course description for Organization and Administration in Criminal Justice

This course provides an overview of the U.S. Intelligence Community and examines how the community supports foreign policy and homeland security. Students examine the intelligence cycle and the structure, constraints, and oversight of the agencies that comprise the intelligence community. Specific attention is given to collection operations, analysis, and dissemination of finished intelligence products to consumers, with emphasis on how global intelligence is used to protect and police local communities. Also explored is how intelligence products build a common operational picture for national security management at top levels of government and how intelligence analysis supports Homeland Security by assisting federal, state, and local political leaders and law enforcement officials. Students also discuss human intelligence operations, counterintelligence, UAV (drone) operations, interrogation, and detention, and the moral, ethical, and legal framework inside which those disciplines…

Full course description for The U.S. Intelligence Community

Examines a range of moral dilemmas criminal justice practitioners are likely to face in their careers. Using both moral theory and detailed case examples, students learn to apply moral principles and concepts to a given situation, recognize the relevance of moral principles and concepts, and apply their individual moral philosophy and ethical principles to resolve these situations in a satisfactory manner. This course meets corresponding learning objectives of the Minnesota Board of Peace Officer Standards and Training.

Full course description for Ethics and Professionalism in Criminal Justice

This course presents an overview of white collar crime. Students explore theories of white collar crime and corporate criminal liability. The investigation, prosecution and sentencing of white-collar offenders are examined. "Crime in the suites" is compared to "crime in the streets." Issues related to diversity are explored.

Full course description for White Collar Crime

This course examines the fundamental principles and practices of emergency management including how it functions within the homeland security enterprise. Mass shootings, acts of terror, infrastructure collapse, and natural disasters all are examples of emergencies examined in this course. This course also explores the human and economic costs of emergencies and the intended and unintended consequences of intervention.

Full course description for Emergency Management for Criminal Justice

This course is intended to develop the student's skills and knowledge in the field of crime analysis. Students will become familiar with the variety of tasks and issues encountered within the public and private sectors by a crime analyst. Students will also participate in group activities to build knowledge and skills associated with the different functions of a crime analyst.

Full course description for Crime Analysis

This course will provide the student with a general overview and a better understanding of the wide range of disciplines found within the forensic sciences. Fundamental topics such as forensic anthropology, forensic entomology, forensic pathology, and forensic accounting will be discussed. In addition 'traditionally' recognized topics in forensic science such as DNA, Trace Evidence, Impression Evidence, Drugs, and Questioned Documents will be covered. The course instructor will utilize multi-media in a lecture format, utilizing case-studies, video supplements and expert guest speakers.

Full course description for Exploring Forensic Science

Key laws, administrative regulations and selected court cases which impact day-to-day, employee-employer relationships are the focus of this course. Students explore formulation of policies and programs that respond to issues such as equal employment opportunity, wage and salary administration, safety and health, employment at will, immigration, drug testing, and labor/management relations in unionized organizations.

Full course description for Employment Law

Business Intelligence is the user-centered process of exploring data, data relationships and trends - thus helping to improve overall decision making for enterprises. This course addresses the iterative processes of accessing data (ideally stored in the enterprise data warehouse) and analyzing data in order to derive insights and communicate findings. Moreover, the course also addresses the use of software tools for analysis and visualization of data, especially report design along with the use of dashboards.

Full course description for Business Intelligence and Analytics

Do business firms have obligations besides making as much money as possible for their stockholders? What are their responsibilities, if any, to their employees, their customers, and the wider community? Is it enough to obey the law, or does the law sometimes allow people to do things that are wrong? Do employees have any right to privacy on the job? To 'living wages'? To 'decent' working conditions? Does a seller have any obligation to look out for the interests of the buyer? Isn't it necessary to put the best possible 'spin' on your product and let the buyer look out for him or herself? This course will examine questions like these in light of various theories of ethics and current theories of justice. In addition to considering how we might ideally like people to act, it will also consider the challenges to personal integrity and 'doing the right thing' posed by the real world of business and by the kind of large bureaucratic organizations that dominate it.

Full course description for Business Ethics

Do criminal justice professionals have to meet a higher moral standard in their behavior as professionals than that of ordinary persons? Is it ever right for a criminal justice professional to "give a break" to a fellow professional? Should criminal justice professionals report clear moral violations of their fellow professionals? This course examines a range of moral dilemmas that criminal justice professionals are likely to face as they attempt to perform the duties of their office. Using both moral theory and detailed case examples from the criminal justice system, students learn to apply moral principles and concepts in a given situation to resolve these situations in a satisfactory ethical manner.

Full course description for Criminal Justice Ethics

This course explores a range of moral issues raised by the introduction of new technologies for the production, distribution and use of information -- issues about privacy, surveillance and data-mining, freedom of speech, copyright, computer crime and abuse, justice in access to information, the political and social significance of the Internet, and so on. The course is intended to be helpful not only to information technology professionals, who will encounter some of these issues in connection with their work, but also to anyone who has an interest in the way information technology is changing our lives. Students will study moral theory, professional codes of ethics and a variety of case studies.

Full course description for Ethics in the Information Age

+ General Guidelines
Transfer Courses

Transfer coursework equivalency is determined by the Computer Science and Cybersecurity (CSC) department and is initially evaluated upon admission with updates documented on the Degree Audit Report (DARS). When transferring coursework, please be aware that many universities, community, and technical colleges offer courses equivalent to some of our pre-major courses. Sometimes a course at the lower division at another university or college is equivalent to one of our upper-division courses, or an upper-division course at another institution is equivalent to one of our lower-division courses. To calculate upper-division credits for the major electives or for university graduation requirements, the status of the course at the institution where the student took the course is what matters.

Prerequisites

Students must be aware of and abide by prerequisites for all courses for which they are enrolled. No student may be enrolled in a course unless they have completed all course prerequisites with a grade of C- or higher. Students will be administratively dropped from a course if they have not met the required prerequisites. For some courses, prerequisites are enforced automatically by the registration system. If your DARS report shows you have met the prerequisites for a course, and the registration system will not let you register, please contact your academic advisor.