Skip to main content

Fall Course Registration open now. Register today to get the courses you need!
Metropolitan State University (Home)
Develop
Professor in front of computer monitors with students

Computer Forensics BAS

College of Sciences / Computer Science and Cybersecurity
Undergraduate major / Bachelor of Applied Science

About The Program

The Bachelor of Applied Science in Computer Forensics is a four-year, 120-credit program offered through the Computer Science and Cybersecurity department. A computer forensics degree prepares students with knowledge in computer and digital incident investigation, eDiscovery, network and mobile forensics, legal and ethical issues in computing, and computer and privacy laws.

Bachelor of Applied Science in Computer Forensics graduates will work in computer technology and related fields in supporting companies and organizations to protect their interests or in helping law firms and legal organizations to deal with civil litigations and internal disputes/arbitrations. Graduates with a bachelor of science in computer security or forensics can also assist law enforcement to fight against cyber terrorism and crimes.

Student outcomes

  • Knows how to collect evidence so that malicious acts can be discovered and recovered.
  • Knows how to preserve evidence so that it reflects all the pertinent information on the subject device when it was collected.
  • Knows how to present highly technical evidence in court so that judges, lawyers, and juries can understand the implications of the digital evidence for civil cases.
  • Is familiar with the computer security policies, electronic investigation procedures, cyber activity regulations, national and international digital transaction standards, and computer and information laws.
  • Is knowledgeable about computer operating systems, hardware components and architecture, digital communication and networks, and computer system configuration and administration.
  • Is able to use script programming languages as well as computer forensic tools to conduct digital forensic investigations for companies’ internal affairs or for law firms’ civil cases.

Advance Your Education

How to enroll

Current students: Declare this program

Once you’re admitted as an undergraduate student and have met any further admission requirements your chosen program may have, you may declare a major or declare an optional minor.

Future students: Apply now

Apply to Metropolitan State: Start the journey toward your Computer Forensics BAS now. Learn about the steps to enroll or, if you have questions about what Metropolitan State can offer you, request information, visit campus or chat with an admissions counselor.

Get started on your Computer Forensics BAS

Program eligibility requirements

Students expressing interest in the Computer Forensics Bachelor of Applied Science when they apply for admission to the university will be assigned an academic advisor in the College of Sciences and will be given a pre-major status. Official admission to this major program and review of prior course credentials is done directly through the Computer Science and Cybersecurity (CSC) Department.

To be eligible for acceptance to the Computer Forensics major, students must submit a College of Sciences Undergraduate Program Declaration Form when the following is completed:

  • Minimum cumulative GPA of 2.5 for CFS 262, CFS 264 and CFS 280 or transfer equivalents
  • Successful completion of General Education Goal I Writing Requirement
  • Complete each of the pre-major foundation courses with a grade of C- or better

Students who do not meet the requirements above or are on academic probation will not be accepted to the major. Students who are not accepted to the major will not be allowed to take advanced courses in the discipline. All prerequisite and required courses must be completed with grades of C- or above. Transfer coursework equivalency is determined by the Computer Science and Cybersecurity Department.

Courses and Requirements

SKIP TO COURSE REQUIREMENTS

Guidelines for completing the Computer Forensics major

Students are strongly encouraged to complete the pre-major foundation courses as part of an Associate of Science (AS) or an Associate of Applied Science (AAS) degree program in a field such as System Administration, Networking Administration, Database Administration, or Computer Forensics at a community or technical college. Alternatively, students could start the program as freshmen at Metropolitan State University and take these classes with the intent to declare a major in Computer Forensics.

  • Students expressing interest in the Computer Forensics BAS when they apply for admission to the university will be assigned an academic advisor in the College of Sciences and will be given a pre-major status.
  • In order to declare a major, students should reference the program eligibility requirements noted in this catalog on the previous page and also noted on a student’s Degree Audit Report (DARs).
  • All courses for the major must be completed with a grade of C- or better.
  • A minimum of 16 semester credits of major requirements must be completed at Metropolitan State. At least 24 credits of coursework must be completed at the upper division level.
  • Students are responsible to both be aware of and abide by prerequisites for CFS, CYBR, and ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
  • Transfer coursework equivalency is determined by the Computer Science and Cybersecurity (CSC) Department and additional guidelines are noted below.

Major Requirements

+ Premajor Foundation (26 credits)
Math or Statistics Fundamentals (4 credits)

Choose one.

This course covers the basic principles and methods of statistics. It emphasizes techniques and applications in real-world problem solving and decision making. Topics include frequency distributions, measures of location and variation, probability, sampling, design of experiments, sampling distributions, interval estimation, hypothesis testing, correlation and regression.

Full course description for Statistics I

This course provides an overview of the differential calculus for single and multivariable functions and an introduction to the integral calculus and differential equations, with an emphasis on applications to the natural and physical sciences. Particular topics covered in the course include limits, ordinary and partial derivatives, applications of derivatives, definite integrals, fundamental theorem of calculus, applications of definite integrals, models involving differential equations, Eulers method, equilibrium solutions.

Full course description for Applied Calculus

Since its beginnings, calculus has demonstrated itself to be one of humankind's greatest intellectual achievements. This versatile subject has proven useful in solving problems ranging from physics and astronomy to biology and social science. Through a conceptual and theoretical framework this course covers topics in differential calculus including limits, derivatives, derivatives of transcendental functions, applications of differentiation, L'Hopital's rule, implicit differentiation, and related rates.

Full course description for Calculus I

Computing Fundamental Courses (16 credits)

Choose one

Computer forensics involves the activities in collecting, processing, preserving, analyzing and presenting computer-related evidence in court for criminal prosecutions or civil litigations. In this course, students will be exposed to those computer forensic activities through lectures, case studies, hands-on labs, and individual and group projects. Students will study the fundamental concepts and learn essential artifacts of computer operation, internet control, digital evidence collection, and computer crime investigation, and be able to recognize as well as understand how a computer related crime or incident is prosecuted or litigated in order to have a comprehensive view of the field of Computer Forensics. This course is designed for the first year of the students majoring in Computer Forensics or the students who are interested in knowing what Computer Forensics is about.

Full course description for Computer Forensics Fundamentals

An introduction to the formulation of problems and developing and implementing solutions for them using a computer. Students analyze user requirements, design algorithms to solve them and translate these designs to computer programs. The course also provides an overview of major areas within the computing field. Topics include algorithm design, performance metrics, programming languages and paradigms, programming structures, number representation, Boolean algebra, computer system organization, data communications and networks, operating systems, compilers and interpreters, cloud computing, data analytics, mobile computing, internet of things, and artificial intelligence) database, internet, security, privacy, ethics, and other societal and legal issues. Lab work and homework assignments involving flow charting tools and programming using a language such as Python form an integral part of the course.

Full course description for Computational Thinking with Programming

This course is designed to provide a fast-paced exposure to the C programming language for students majoring in a computer-related discipline. The following topics are briefly reviewed using C syntax: looping, selection, variables, scope rules, functions and pass-by-value arguments. New topics include pass-by-address arguments, formatted and unformatted I/O, user defined types (enum, struct, union), preprocessing directives, file handling, pointers, pointer arithmetic, string manipulation and selected library functions.

Full course description for C Programming

Complete all of the following.

This course covers the fundamental concepts of a single user operating system. The topics discussed in the course are the basic concepts of computer organization and architecture, memory management, process handling, disk and file management and control, and peripherals operation. Students also have the opportunities to learn the techniques and procedures of system installation, configuration, administration, and trouble shooting. The operating systems illustrated in the course are MS Windows and/or Mac OS X.

Full course description for Computer and Operating Systems Fundamentals I

This course covers the fundamental concepts of a multi-user operating system. The topics discussed in the course are conventional computer organization and architecture, memory management, process handling, disk and file management and control, and peripherals operation. Students also have the opportunities to learn the techniques and procedures of system installation, configuration, administration, and trouble shooting. The operating systems illustrated in the course are Linux and Unix.

Full course description for Computer and Operating Systems Fundamentals II

In this course, students learn the fundamental principles and concepts in computer forensics. The topics include the classification of the digital evidence, the procedure of discovering and preserving evidence, types of computer and Internet crimes, and analysis of computer crime statistics and demographics. Students also learn how to search and retrieve information to find the evidence using some common tools. Related legal procedures, regulations, and laws are also discussed briefly.

Full course description for Introduction to Computer Forensics

Criminal Justice and Law Fundamentals (6-7 credits)

This course provides an overview of the American criminal justice system with an emphasis on the roles and duties of police, courts, and corrections. Students examine current and future issues of the system such as due process, administration of justice, ethics, community policing, technology, and rehabilitation efforts. The course illustrates the criminal justice process from the initial violation of the criminal law, to the punishment and release of convicted persons, including juveniles.

Full course description for Introduction to Criminal Justice

Choose one

This course provides an overview and critical examination of constitutional law as it relates to criminal justice issues. A historical overview of the U.S. Constitution is covered along with how the Constitution works in the legal system including the role of the Supreme Court and constitutional interpretation. The First, Second, Fourth, Fifth, Sixth, Eighth, and Fourteenth Amendments are emphasized. Current developments in constitutional law will be reviewed. The course also examines how the Constitution protects the rights of those charged as well as the rights of law-abiding citizens.

Full course description for Constitutional Law

This course meets corresponding learning objectives of the Minnesota Board of Peace Officer Standards and Training. Examines law enforcement practices and applications from both constitutional and legal perspectives in these topic areas: constitutional considerations; legal processes pertaining to warrants, subpoenas, orders and summons; contacts, detentions and arrests; knowledge and application of the Minnesota criminal and traffic codes, statutes and regulations; legal foundation for peace officer use of force; and peace officer rights and liabilities.

Full course description for Legal Studies in Law Enforcement

+ Core (24 credits)

Students who haven’t declared or haven't been accepted into the major will not be allowed to take 400-level courses in the discipline.

In this course, students continue not only to learn how to identify and collect digital evidence through forensics search tools, but also to study the emerging data mining techniques. The topics include how to design a plan for a computer crime investigation; how to select a computer software tool to perform the investigation; how to articulate the laws applying to the appropriation of computers for forensics analysis; how to verify the integrity of the evidence being obtained; how to prepare the evidence collected for the use in the court; and how to present the evidence as an expert eyewitness in court. Some hypothetical and real cases are also discussed in class.

Full course description for Digital Evidence Analysis

This course introduces principles of computer security with integrated hands-on labs. The course prepares students to effectively protect information assets by providing fundamental details about security threats, vulnerabilities, and their countermeasures ranging from a simple computer to enterprise computing. Topics include broad range of today's security challenges, common security threats and countermeasures, security management, access control mechanisms, applied cryptography, privacy issues, computer ethics, file system security, and network security. Overlap: ICS 382 Computer Security

Full course description for Computer Security

In this course, students will learn the law relating to computer software, hardware, and the Internet. The areas of the law include intellectual property, cyberspace privacy, copyright, software licensing, hardware patent, and antitrust laws. Legislation and public policies on cyberspace technology, cryptographic method export controls, essential infrastructure protection and economic development are also discussed in class.

Full course description for Computer Laws

This course is designed to provide students an opportunity to practice what they have learned from the computer forensics program through a group project. The topic of the project must be approved by either the instructor or the director of the program. Each project must have a written report and an oral presentation. This course is recommended to be taken in the last semester of the program study.

Full course description for Computer Forensics Internship/Capstone

Core elective (8 credits)

Choose two courses from the following (8 credits)

The behavior of organizations and people in organizations is influenced in a variety of ways by the Constitution, state and federal legislation, regulations by all levels of government, by judicial opinions and by ethical considerations. This course explores selected aspects of the legal environment, including antitrust and fair trade laws, the law of contracts, laws and regulations concerning the workplace and workplace behavior, environmental protections, and ethical standards. Issues relating to franchising and trading in securities are also addressed within the context of the law and ethics.

Full course description for Legal Environment of Organizations

In this course students learn the fundamental principles and concepts of electronic discovery including the collection, preservation, filtering, processing, review, and production of electronically stored information such as email messages, word processing documents, spreadsheets, and other computer files. Students also learn the relationship between digital evidence analysis and electronic discovery and its role in civil litigation, government regulatory proceedings, and internal corporate investigations. Unique issues involving electronic discovery that arise in international contexts are also addressed.

Full course description for Electronic Discovery I

In this course students learn advanced topics and concepts of electronic discovery, such as the Electronic Discovery Reference Model, Information Governance, Technology Assisted Review, Predictive Coding, electronic discovery of cloud data, electronic discovery of social media data, electronic discovery of mobile device data and instant messages, as well as the use of software technology in electronic discovery. The course will also compare and contrast international electronic discovery issues in a global context, including common law countries and codified civil law countries.

Full course description for Electronic Discovery II

This course takes a hands-on approach to provide students with foundational concepts and practical skills in Mobile Device Forensics, which can be leveraged to perform forensically sound investigations against crimes involving the most complex mobile devices currently available in the market. Using modern tools and techniques, students will learn how to conduct a structured investigation process to determine the nature of the crime and to produce results that are useful in criminal proceedings. The course will provide walkthrough on various phases of the mobile forensics process for both Android and iOS based devices including forensically extracting, collecting, and analyzing, data and producing and disseminating reports. The course modules and labs will involve certain specialized hardware and software to perform data acquisition (including deleted data), and the analysis of extracted information.

Full course description for Mobile Device Security and Forensics

This course is designed to expand students' understanding of the roles of criminal court at the federal, state, and local levels. As the intermediate step between law enforcement and corrections, courts are an integral part of the criminal justice system. The course will explore the power and limitations of the judicial branch of government with regard to its role in the criminal justice system, as well as learn about the roles of various court professionals and develop a detailed understanding of the court process.

Full course description for The Criminal Court System

To properly secure any organization's information infrastructure and assets, a periodic assessment of its security posture at various levels of the organization is essential. One key area is the direct assessment of vulnerabilities in the IT infrastructure, systems and applications, followed by targeting and exploitation of the same. This course covers the theoretical bases for cyber threats and vulnerabilities, and delves into selection and application of penetration testing methodologies ranging from reconnaissance to the exploitation of vulnerabilities by probing infrastructure, services and applications. The course places a strong emphasis on the use of these methodologies to demonstrate, document, report on, and provide a clear roadmap for remediation of exposed security issues.

Full course description for Vulnerability Assessment and Penetration Testing

Information is an asset that must be protected. Without adequate protection or network security, many individuals, businesses, and governments are at risk of losing that asset. It is imperative that all networks be protected from threats and vulnerabilities so that a business can achieve its fullest potential. Security risks cannot be eliminated or prevented completely; however, effective risk management and assessment can significantly minimize the existing security risks. In order to provide effective protection to the organization's critical infrastructure and services, continuous monitoring as well as various processes, procedures, and technology is required to detect and prevent cyber-attacks, breaches, and security violations. In addition, existence of a comprehensive incident response plan is vitally connected to the survivability of an organization after a severe security breach or compromise of critical business operations. This course focuses on the operational aspect of…

Full course description for Cyber Operations

As cyber breaches and intrusions continue to increase, enterprises are now looking to hire professionals who can identify and respond to breaches and incidents before they have adverse impacts on information systems and data networks. This course provides an in-depth coverage of applying Digital Forensics and Incident Response methodologies and frameworks to address and manage the aftermath of security breaches or incidents with the goal of limiting the damages and reducing the recovery time and costs. The student will be able to identify, contain, eradicate and recover from an attack in an enterprise network. Topics include identifying threat actors and security breaches, analyzing artifacts and logs, restoring back the system, performing postmortem analysis, and implementing and/or modifying mitigating techniques. Overlap ICS 487

Full course description for Cyber Incident Response and Handling

+ Electives (10 credits) or a Minor

Complete either: (1) at least 10 credits of major electives listed below or other upper-divsion CFS, CYBR, and ICS courses except ICS 499, or (2) an approved minor (or a second/earned major). Contact your advisor with questions concerning your degree plan. A course can only be used once to meet either the requirements or electives/minor, not both.

This course provides a conceptual framework to stress the responsibility of accountant, auditor and manager for the design, operation and control of the accounting information system and the needs of information users within an organization. Traditional accounting transaction cycles are organized around events-based information technology. Students learn how the accounting information system records, classifies and aggregates economic events.

Full course description for Accounting Information Systems

This course reviews the purposes, philosophies and organization of the U.S. legal system. It provides an intensive study of the law which governs contracts for services, real estate, employment, insurance, trademark, patents and copyrights. Topics covered include legally binding contract requirements (offer and acceptance, legality of subject matter, capacity of parties and contractual consideration); circumstances which require a contract to be in writing; defenses for avoiding contractual liability; and legal remedies for breach of contract. It also focuses on the articles of the Uniform Commercial Code (UCC), which govern the rights and obligations of parties to transactions involving the sale of goods (Article II), commercial paper such as checks, notes and drafts (Article II), and financing arrangements in which one party gives another a security interest in property (Article IX) and the effects of federal bankruptcy laws on these transactions.

Full course description for Business Law: UCC and Contracts

The behavior of organizations and people in organizations is influenced in a variety of ways by the Constitution, state and federal legislation, regulations by all levels of government, by judicial opinions and by ethical considerations. This course explores selected aspects of the legal environment, including antitrust and fair trade laws, the law of contracts, laws and regulations concerning the workplace and workplace behavior, environmental protections, and ethical standards. Issues relating to franchising and trading in securities are also addressed within the context of the law and ethics.

Full course description for Legal Environment of Organizations

This course is designed to expand students' understanding of the roles of criminal court at the federal, state, and local levels. As the intermediate step between law enforcement and corrections, courts are an integral part of the criminal justice system. The course will explore the power and limitations of the judicial branch of government with regard to its role in the criminal justice system, as well as learn about the roles of various court professionals and develop a detailed understanding of the court process.

Full course description for The Criminal Court System

This course explores the past, current and future trends in security management. The basic concepts, tools and practices that comprise security management are examined. Students learn how to identify and minimize risk in a private setting. They also learn the basics of physical security and access control as well as how to identify potential liability in the security field. In addition, this course examines various career opportunities in security management.

Full course description for Introduction to Security Management

This course focuses on theories, concepts, narratives, and myths of crime and delinquent behavior. Contemporary issues and controversies within the criminal justice field are explored in social, political, and economic contexts. Special emphasis is placed on the roles of race, class, gender, and culture in relation to the etiology, prevention, control, and treatment of crime and delinquency. This course is committed to general theoretical debate, examination of the interrelation between criminological theory and research, and empirical analyses of policy and practice.

Full course description for Criminology and Public Policy

This course provides an overview of the U.S. Intelligence Community and examines how the community supports foreign policy and homeland security. Students examine the intelligence cycle and the structure, constraints, and oversight of the agencies that comprise the intelligence community. Specific attention is given to collection operations, analysis, and dissemination of finished intelligence products to consumers, with emphasis on how global intelligence is used to protect and police local communities. Also explored is how intelligence products build a common operational picture for national security management at top levels of government and how intelligence analysis supports Homeland Security by assisting federal, state, and local political leaders and law enforcement officials. Students also discuss human intelligence operations, counterintelligence, UAV (drone) operations, interrogation, and detention, and the moral, ethical, and legal framework inside which those disciplines…

Full course description for The U.S. Intelligence Community

Examines a range of moral dilemmas criminal justice practitioners are likely to face in their careers. Using both moral theory and detailed case examples, students learn to apply moral principles and concepts to a given situation, recognize the relevance of moral principles and concepts, and apply their individual moral philosophy and ethical principles to resolve these situations in a satisfactory manner. This course meets corresponding learning objectives of the Minnesota Board of Peace Officer Standards and Training.

Full course description for Ethics and Professionalism in Criminal Justice

This course presents an overview of white collar crime. Students explore theories of white collar crime and corporate criminal liability. The investigation, prosecution and sentencing of white-collar offenders are examined. "Crime in the suites" is compared to "crime in the streets." Issues related to diversity are explored.

Full course description for White Collar Crime

This remediation course provides students with an overview of higher-level and low-level programming concepts. Specifically, C, assembly programming languages and scripting using python are discussed. Python scripting topics cover Boolean logic and Numeric Data Types, Strings, Text Files, Lists, and Dictionaries. programming structures, pointers, arrays, structure types. The students will learn how to writing and compiling c programs. The course covers how to write and debug assembly programs and utilize assembly instructions. The classes incorporate lecture with hands-on programming exercises, tests for student self-evaluation. This preparation course does not count towards credits in the graduate or undergraduate levels.

Full course description for Programming and Scripting

Key laws, administrative regulations and selected court cases which impact day-to-day, employee-employer relationships are the focus of this course. Students explore formulation of policies and programs that respond to issues such as equal employment opportunity, wage and salary administration, safety and health, employment at will, immigration, drug testing, and labor/management relations in unionized organizations.

Full course description for Employment Law

This course will provide the student with a general overview and a better understanding of the wide range of disciplines found within the forensic sciences. Fundamental topics such as forensic anthropology, forensic entomology, forensic pathology, and forensic accounting will be discussed. In addition 'traditionally' recognized topics in forensic science such as DNA, Trace Evidence, Impression Evidence, Drugs, and Questioned Documents will be covered. The course instructor will utilize multi-media in a lecture format, utilizing case-studies, video supplements and expert guest speakers.

Full course description for Exploring Forensic Science

Do business firms have obligations besides making as much money as possible for their stockholders? What are their responsibilities, if any, to their employees, their customers, and the wider community? Is it enough to obey the law, or does the law sometimes allow people to do things that are wrong? Do employees have any right to privacy on the job? To 'living wages'? To 'decent' working conditions? Does a seller have any obligation to look out for the interests of the buyer? Isn't it necessary to put the best possible 'spin' on your product and let the buyer look out for him or herself? This course will examine questions like these in light of various theories of ethics and current theories of justice. In addition to considering how we might ideally like people to act, it will also consider the challenges to personal integrity and 'doing the right thing' posed by the real world of business and by the kind of large bureaucratic organizations that dominate it.

Full course description for Business Ethics

Do criminal justice professionals have to meet a higher moral standard in their behavior as professionals than that of ordinary persons? Is it ever right for a criminal justice professional to "give a break" to a fellow professional? Should criminal justice professionals report clear moral violations of their fellow professionals? This course examines a range of moral dilemmas that criminal justice professionals are likely to face as they attempt to perform the duties of their office. Using both moral theory and detailed case examples from the criminal justice system, students learn to apply moral principles and concepts in a given situation to resolve these situations in a satisfactory ethical manner.

Full course description for Criminal Justice Ethics

This course explores a range of moral issues raised by the introduction of new technologies for the production, distribution and use of information -- issues about privacy, surveillance and data-mining, freedom of speech, copyright, computer crime and abuse, justice in access to information, the political and social significance of the Internet, and so on. The course is intended to be helpful not only to information technology professionals, who will encounter some of these issues in connection with their work, but also to anyone who has an interest in the way information technology is changing our lives. Students will study moral theory, professional codes of ethics and a variety of case studies.

Full course description for Ethics in the Information Age

This course investigates the theory and practice of citizenship in local communities, the United States and the world. Students draw on core concepts from political science to explore contrasting ideas about citizenship and the political, economic and cultural dimensions of critical issues facing the global community. Classroom inquiry is supplemented by field experiences and investigation.

Full course description for Citizenship in a Global Context

+ General Guidelines
Transfer Courses

Transfer coursework equivalency is determined by the Computer Science and Cybersecurity (CSC) department and is initially evaluated upon admission with updates documented on the Degree Audit Report (DARS). When transferring coursework, please be aware that many universities, community, and technical colleges offer courses equivalent to some of our pre-major courses. Sometimes a course at the lower division at another university or college is equivalent to one of our upper-division courses, or an upper-division course at another institution is equivalent to one of our lower-division courses. To calculate upper-division credits for the major electives or for university graduation requirements, the status of the course at the institution where the student took the course is what matters.

Prerequisites

Students must be aware of and abide by prerequisites for all courses for which they are enrolled. No student may be enrolled in a course unless they have completed all course prerequisites with a grade of C- or higher. Students will be administratively dropped from a course if they have not met the required prerequisites. For some courses, prerequisites are enforced automatically by the registration system. If your DARS report shows you have met the prerequisites for a course, and the registration system will not let you register, please contact your academic advisor.

Program planner