Tag Archives: Digital Forensics

Fall 2013 review: Digital Forensics & Cybersecurity at John Jay College

One of my most popular posts on this site to date is my first year review of the Digital Forensics & Cybersecurity program at John Jay College.  Well, now I have been there another semester  I thought it was time for an update.

I took three courses:

  1. FCM 710 – Architecture of Secure Operating Systems.
  2. FCM 740 – Data Communications and Forensics Security.
  3. FCM 760 – Forensic Management of Digital Evidence.

My  thoughts? It was very time-consuming, difficult and I am glad that the semester has finished. So what did I get out of the semester? A little and a lot.

The Positives

Let’s start with the positives first … Forensic Management of Digital Evidence. This course was very much a case of you get out what you put in. The professor gave you the materials and the necessary information that you needed. He taught you but he gave you the hands on experience each week as well, assigning different tasks and learning another new program that might be useful if you go down this route. There was a lot of information to learn but you were then given the opportunity to go apply it and personally that is how I learn best. It really puts things into perspective when you can see first hand what is going on.

Learning data acquisition methods is fun (if you are a geek, like me!). We learnt about FTK Imager, which is free, to forensically acquire an image. We also got a brief introduction into Volatility and some of the things it is able to do. I cannot emphasis the power of Volatility with the numerous plugins that it has to offer you! Whilst we only just touched on it, it’s something I would urge everyone to at least try out if you are interested in coming into this field.

We were also taught about the different files systems on different operating systems and what that means and later went on to look at EnCase. That in itself is the beast and will take a lot of time to get your head around everything. Thankfully that is offered as another course later on which will be useful but we got a good taster.

This course is jam-packed with cool stuff and it was a pleasure to be a part of it. I definitely recommend it!

The not quite so good…

Before the start of the semester I had been hearing how difficult ‘Architecture of Secure Operating Systems’ was – and it was true to the spoken word of students! The problem was, it might well have been for different reasons.

The normal professor that takes this course wasn’t available and so somebody else had to come in and cover. The person did the best they could, but I just don’t believe it was delivered the same. In fairness, the feedback that was offered by the students through the course was taken on board to some extent and I believe that the course was adapted to address some of those concerns but it was frustrating.

This course is supposed to be a very technical course, you need to put in the time and effort and you need to work hard. It involves a lot (more than I expected) of C programming and you will be using Assembly so look it up before taking this course. I don’t believe that there was the support that many students needed in order to get through it in a satisfactory manner. In fact, I would say that I spent so much time trying to get the work done that I’m not sure how much of it sank in. I don’t think I learnt anywhere near as much as I should because I didn’t have the time. I was focused on getting the tasks completed. There is an argument to be had that is not the fault of the course but of myself and it might be partly true but the other side of the argument is that I wanted to achieve a good grade and one had to suffer.

We didn’t get the feedback that was needed for the course. Our homework’s were not returned until the last week of class so it was difficult to understand what we had done right and where we needed to improve before the practical exam. The exam certainly made you think. I don’t think I have been so happy to have finished a class as that one.

The final class..

This now brings me onto the Data Communications and Forensics Security course. Due to circumstances, a lot was offered and unfortunately not a great deal was delivered. The issue was something that plagues the program – do you have practitioners come in and teach or do you rely on academic professors?? On this occasion we had a practitioner and I think its safe to say work commitments got in the way.

We did have some special guests come in to talk about their experiences, both from the public and private sector.  That was very useful to see both sides, especially when you are fairly close to graduating and want to gauge the differences. It also gave a good insight of what happens in the “real world” and I was glad we were given that opportunity.

We had to do a research paper and present on it at the end. The class picked some really interesting topics and that alone was a useful learning experience. I learnt a lot from their presentations but I believe that the class will be restructured for future semesters.

Conclusion?

It was a contrast. I had the good and the bad. I got some really good connections and was able to build my professional network along with learning many new things but I also thought there were many missed opportunities.

It’s very frustrating to see the program at present. The program has the potential to be great but right now I personally think there is an issue with staff – there isn’t enough of them! When you are in such a technical and specialized program you need those technical specialized teachers in order to learn properly, otherwise it’s no use and you might as well teach yourself. I am glad and hopeful though that the school will continue to attract professors who are also practitioners. Ok one of my courses didn’t work because of the struggles of balancing but the other one worked great!

Let’s see what this semester (Spring 2014) brings… Network Security, you’re up!

Hope you enjoyed. Feel free to comment and reach out to me with any questions!

Year 1 review of Mastering Digital Forensics & Cyber Security at John Jay College

So let me set the scene. It was August 2012, people were rushing past and then the tannoy came on and stated “flight to New York City now boarding”. At that moment with only two suitcases in hand it suddenly made me question “what the hell am I doing?!”. Well now after 9 grueling months I can give you the answer – I was making one of the toughest, hardest but most worthwhile and correct decisions of my life.

Year one in the MSc Digital Forensics and Cyber Security program (D4CS) at John Jay College of Criminal Justice is now finished and I look back with a warm sense of satisfaction at my achievements so far. It looks like I will have completed year one with a perfect 4.0 which is amazing.

The program is intense and it pushes you really hard but it also offers you amazing support and wonderful professors. The amount of time and effort these guys put in to ensure you have the best education possible is to be praised but that is only the half of it. This degree will not work for you if you cannot dedicate the time and effort that’s required and that alone is too much for some. Many times over the year had the clock gone past midnight and I was cradling a coffee in one hand while typing or looking through code with the other.

The wide range of topics covered cannot be underestimated. So far I have been taught about the programming language of the operating systems i.e. C and successfully managed to design and code a chessboard. If anybody had told me a year ago that not only would I be attempting such a project but I’d be successful with it I would have laughed and dismissed it. It also gave me a greater understanding of the level of math involved in computing. I’m not going to lie, at times trying to understand the logic of the math equations and theory then putting that into practice with coding examples was not easy but it was rewarding and helps you in the long run so thank you Hunter!

I have been taught about Federal and NY State computing law and how that impacts us on a daily basis without us even realizing it. A special shout out to Professor Adam Wandt who made the class a very engaging and enjoyable subject to learn. PAD 750 was split in two halves: legal and technology. As I learn by hands on experience it was great to see so many experiments in class and it allowed you to see first hand what is going on. It was bloody difficult revising for those exams and I’m glad its over but it’s a highly recommended class to take.

Moving on to another subject was the intense reading of hundreds of pages every week on the more sociological point of view. Trying to understand the mindset of hackers and where computing originated from and what that type of world was. You have to be prepared to engage in classes for two reasons; the first is you won’t get much out of it if you don’t and the second is you don’t get a choice because the professors rightly make sure you help contribute to the debate. There was open and honest discussions held with varying views expressed but welcomed. There was no wrong answer, as long as you could justify it. It’s what academia is all about.

I also learnt about computer security and encryption, learning about different techniques and algorithms that are used today. It is such a wide scope and topic but it was enjoyable and broadens your mind. It also shows you the amazing opportunities that are out there in the field and with different talks and guest lectures coming in courtesy of the Cybercrime Center you get different perspectives and an even greater enhanced learning.

There is so much to say but I thought I would highlight some of the many different things that have gone on this year. It really is a case of you get out what you put in, but if you put in the effort then you’ll be rewarded and there is a great setup here to help you along the way. I am ready for the summer break, it will be nice to not have the intensity levels that there was for a while but I know come the Fall of 2013 I will be ready, willing and excited for year two and what the opportunities and challenges that will bring.

Have a great summer folks!