Bachelor in Digital Forensics and Incident Response

Start semesters

2024 Autumn

Bachelor in Digital Forensics and Incident Response

Study Facts
- Area of Study
  Computing
- ECTS
  180
- NQF Level
  Bachelor's degree (Level 6 1. Cycle)
- Campus
  Kristiansand, OnlinePLUS - Oslo, Online
- Study Mode
  Full-time, Online
- Entry Requirements
  Entry Requirements
- Study Programme Leader
  Emlyn Butterfield

Introduction

Noroff University College (NUC) offers awards that specialise in the utilisation of digital technology. The objective of the Bachelor in Digital Forensics and Incident Response (DFIR) is to provide you with an understanding of the forensic analysis of digital systems, the methods and techniques that can be applied, and to develop you into future digital investigators and incident responders. The use of computers and technology has become ubiquitous within the modern world. With an increase in the use of digital devices within every walk of life now means that there is not a single action taken that does not require a digital device at some point. The legal and commercial sectors have identified this factor and now analyse digital devices on a regular basis to help identify or dismiss user activity.

Traditionally digital forensics was seen as a law enforcement only activity, however given the increase and breadth of cyber-attacks, the field of Digital Forensics and Incident Response (DFIR) was formed. Cyber-attacks, and security breaches, can happen to any organisation at any point due to the connected and distributed nature of an organisation’s infrastructure. Attacks and breaches can cause an organisation to suffer data, financial, and reputational loss. An organisation must identify, respond to, and reduce the impact of an attack or breach as quickly as possible. DFIR focuses on identification, investigation, and remediation from cyber-attacks. With the increased reliance on technology, there are simply more devices that can be 'attacked'. DFIR provides reactive technological capabilities to any organisation to deal with incidents, often the central capability.

This degree will provide students with the skills, knowledge, and competencies to investigate incidents on a range of complex digital systems in a forensically sound manner. Students will be able to analyse and assess evidence and events both in a real time incident analysis and in a post event investigation to enable decisions to be made to secure systems and devices; understanding the potential legal and commercial impact of their actions, while preserving evidence to enable further investigation and prosecution in a court of law. The complexity of cyber-attacks and data breaches has increased the need for skilled individuals who are able to investigate and think analytically, rather than simply knowing how to secure or attack a digital system. DFIR’s are generally creative and flexible in their approach taking on board a range of data and systems with an ability to identify the “red thread”. This degree aims to provide specialists in the DFIR domain, and it will challenge individuals to develop a scientific, rigorous approach to their work.

Aims of the Degree Programme

This programme aims to develop individuals with a holistic understanding of key practice, principles and procedures of digital forensic investigations and incident response. Through a blend of theoretical and practical experience in investigating digital systems students can identify the who, what, where, and when. Graduates have a high level of proficiency in a wide range of skills including problem-solving, digital forensics, network infrastructures, system design and development, operating and file system analysis, network security and incident response. The programme has been specifically designed to equip students with the practical and theoretical understanding and principles required to excel in the DFIR domain.

Students are provided the required background to act as a digital investigator and incident responder, they become competent in the collection, processing, and secure handling of digital evidence from a variety of sources. They have received instruction on the full life cycle of a digital investigation. This will encompass the collection of evidence from a crime scene, maintenance of the chain of custody, analysis and interpretation of the evidence, and the final production of results and findings. The following are the broad core elements for the degree programme.

Computing provides an essential understanding of how digital devices communicate locally and across networks. These fundamentals are key for anyone within a computing discipline.
Digital Forensics is a branch of forensic science that covers the recovery, analysis, interpretation, and presentation of information from digital devices, whilst preserving their integrity.
Incident Response is an organised approach to investigating and addressing security breaches or cyber-attacks.
Legal and Compliance provides an essential understanding of the processes, procedures and broad legal aspects related to digital forensics and incident response to ensure students are aware of the risks and obligations of their work.

The programme develops and equips students as digital investigators with the necessary skills to process numerous forms of digital evidence and sources of data. It will challenge individuals to develop a scientific, methodical, and rigorous approach to their work, along with creativity and versatility in problem solving. This will enable students to not only solve issues posed as part of the degree but also to address unforeseen problems once employed within the DFIR domain, and other future careers. The specialisation builds upon the practice and procedures explored in earlier courses through thorough exploration of different types of file systems and data types. Students then explore investigative practices and tools, before examining novel platforms in their final year.

Course Model

This bachelor's degree is a full-time programme of study, based on a 40-hour per week study schedule. The degree consists of six semesters which are delivered over three academic years (each of a 10-month duration), with each year providing 60 ECTS of educational material and qualification. This results in a 30 ECTS workload per semester and total of 180 ECTS for the full bachelor’s degree, which equates to 1,500-1,800 hours of work. Each year the programmes and their courses are reviewed to ensure the degree continues to be appropriate for this fast-developing field. Some courses may span semesters and the credit value is only awarded in the semester they are completed. The courses that comprise this degree are therefore subject to minor changes each academic year.

Semester 1

Network Fundamentals: This course is designed to provide students with practical knowledge of general network theory. It focuses on network structures, topology, and essential protocols. The course aims to foster understanding about theoretical network models, network devices, and network communication forms. Key skills that students will acquire include implementing and configuring network devices, constructing and configuring a network and subnet, and understanding how network components interact to facilitate communication. The course also emphasizes the importance of network reliability, user responsibility, and the need for networks to be 'fit for purpose'. Topics Covered: Network Types and Topologies, OSI model, Internet communication, TCP / IP protocol stack, IP addressing and subnetting, Routing protocols.

Introduction to Programming: This course aims to provide students with a programming foundation including both theoretical and practical elements. Students are provided knowledge to independently solve basic programming problems in a precise, specification-oriented, approach according to defined unit test standards. In addition, students are introduced to object orientation and selected third-party libraries. Topics Covered: Foundations of programming, Computational Thinking, Object-oriented programming.

Mathematics 1: This course is designed to equip students with knowledge and skills in applying mathematical concepts and techniques to computing-related problems. It encompasses various disciplines including logic, set theory, number theory, matrix algebra, proof techniques, combinatorics, relations, graph theory, and Boolean algebra. Students will learn to solve discipline-specific, general, and complex problems using theory, formulas, and techniques from the course disciplines. The course also aims to develop a student's ability to understand and explain where mathematical concepts can be appropriately utilized and present solutions to a variety of mathematical problems and challenges. Topics Covered: Number Theory, Set Theory, Matrix Algebra, Boolean Algebra, Logic and Proofs, Counting and Graphs.

Semester 2

Programming and Databases: This course aims to familiarize students with the principles of database design, construction, utilization, and maintenance. Students will acquire knowledge in relational database design, SQL, and data manipulation techniques. They will also develop practical skills in designing simple relational databases, extracting and manipulating data using SQL and programming code, and solving programming problems with precision and adherence to unit testing standards. Topics Covered: Database Key Concepts, Relational Database Systems, Programming with Databases, and Advanced Data Manipulation.

Operating Systems and Computer Architecture:

This course is designed to provide a thorough understanding of the key elements involved in the design, implementation, and usage of modern operating systems. It aims to give students a solid knowledge of the fundamental components that form the hardware/software interface of computer systems, and the essential aspects of modern operating systems' design and implementation. The course also delves into the underlying layers of computer systems' Input and Output subsystem. Skills development includes programmatic access to system libraries provided by the operating system for kernel communication and a comprehension of the multi-programmed model supporting concurrency, multi-threading, multi-processing, and the necessary protection for critical code regions. Students will gain a general competence in understanding how hardware components interact for safe code execution, how the operating system interacts with components to offer users a secure environment for process execution, and how operating system services can be provisioned. The course also covers concepts like virtualization, distributed systems, high-performance computing, and embedded systems. Topics Covered: Computer Architecture, Evolution and types of operating systems, Processes and threads, CPU Management, Memory Management, I/O Subsystem.

Applied Cryptography: The course is designed to provide students with a fundamental understanding of modern cryptography, a field that involves the art and science of making messages unreadable. It covers both theoretical and practical aspects of cryptography, including its potential applications and related security issues, especially in network and forensic contexts. Students will develop skills in applying cryptographic techniques in specific situations and assessing their effectiveness. The course also emphasizes the correct use of cryptographic techniques in various social and commercial environments. Topics Covered: Risks and cryptographic weaknesses, The impact of steganography and cryptography in forensic investigations and data security, Types of ciphers and cipher systems (block, stream, hybrid), Cryptographic hashes, Public Key Cryptography.

Academic Skills 1: This course aims to equip students with essential problem-solving, research, and study skills required for success in a bachelor's degree. Students will gain knowledge of problem identification, research methodologies, referencing standards, scientific analysis, and plagiarism awareness. They will develop skills in problem extraction, note-taking, information organization, information evaluation, referencing, scientific analysis, and self-reflection. The course emphasizes self-sufficiency in study skills, reading, writing, and critical reflection. Topics Covered: Effective Learning and Habit Formation, Finding and Evaluating Information with Proper Referencing, Reflective Practice and Critical Thinking, Cognitive Biases, Academic Writing and Presentation Development, Teamwork Dynamics, and Time Management.

Semester 3

Network Architectures and Protocols: This course aims to enhance the understanding of networking technologies and principles. It offers knowledge on network concepts, architectures, operations, and modern networking protocols, including routing protocols and network design practices. It provides skills in analysing protocols and data within a network, designing and configuring routers and switches, and troubleshooting network operations. Students will understand the importance of protocols in network functionality and how to analyse data traversing a network. Topics Covered: Switching in a network environment, Domains and their purpose, IP routing protocols, Network design methodologies, Networking protocol analysis.

Digital Forensics Fundamentals: This course aims to provide an understanding of how to respond to a digital crime, focusing on initial on-scene actions. It explores both theoretical aspects and international practices related to the preparation, selection, validation, and operation of investigative tools and evidence acquisition. The knowledge gained includes understanding the investigation process, the tools used, crime scene documentation, and procedures to secure a digital crime scene. Skills developed include securing and storing digital evidence, validating tools and methodologies, and maintaining proper documentation to ensure the chain of custody of digital evidence. The course also emphasizes the importance of impartiality and following appropriate guidelines during an investigation. Topics Covered: Crime scene handling, Sources of evidence, Evidence imaging, Maintaining chain of evidence, Documentation, Tool validation, File systems overview.

Incident Response Fundamentals: This course is designed to equip students with foundational skills required for incident response. It exposes students to the necessary tools, techniques, and procedures to effectively identify, contain, and remediate incidents initiated by various adversaries. Emphasis is placed on understanding main process models used in incident response such as NIST and SANS, and the fundamental concepts of identifying and preserving evidence during an incident. The students will gain practical skills in incident response processes, documenting incidents, planning, processing, and analysing digital incidents, as well as identifying and preserving potential evidence. Topics Covered: Fundamental IR concepts, Incident Response processes, Evidence and information identification, Preservation of evidence and information, Incident handling techniques.

Semester 4

Mathematics 2: This course is designed to enhance a student’s mathematical understanding and apply mathematical concepts and techniques to computing-related scenarios. The course outcomes include knowledge of statistical interpretation of data, probability measurement in datasets, and hypothesis testing. Students will gain skills in data interpretation, dealing with data uncertainty, and defining and evaluating hypotheses. Furthermore, they will demonstrate their ability to apply mathematics to solve domain-specific problems and present solutions clearly and appropriately. Topics Covered: Sampling and Distribution, Descriptive Statistics, Probability of Uncertainty.

Network Forensics: This course aims to provide practical investigation of network-based activity, enabling students to identify and analyse network attacks, including the study of log files and network communication. Students will deepen their knowledge in recovering evidence from networked devices, packet analysis, and the interpretation and correlation of network evidence. The course will also impart skills in analysing and presenting network-based evidence, as well as interpreting information from network evidence. It will also help students understand ethical and legal issues during a network investigation and how to analyse network traffic, log files, and communication artifacts. Topics Covered: Logging and monitoring, Network-based sources, Packet capture and interpretation, Acquiring data, Combining and correlating evidence sources.

Digital Forensic Investigation: This course provides students with an understanding of modern operating systems and potential evidence sources within these systems. Following best practices in evidence examination and analysis, students are expected to produce a final report on the evidence gathered. The course offers knowledge in evidential analysis of digital systems, interpretation and evidential value of forensic artifacts, and various tools and techniques for forensic analysis. Students will gain skills in processing, storing, interpreting and preparing evidence. They will also demonstrate impartiality, the ability to follow appropriate scientific processes and instructions for a forensic examination, and the competency to communicate information and findings to a range of audiences. Topics Covered: Forensic tools and their application to the forensic investigation, Techniques and methods to identify, analyse and interpret digital evidence, Analysis of application and operating system artifacts, Interpretation and conveyance of technical information to the layman.

Academic Skills 2: This course is designed to equip students with essential problem-solving skills, research capabilities, and study techniques, with a particular focus on core skills necessary within their specialism. The course aims to enhance students' knowledge in effective communication, information research, and the use of various tools and technologies in problem-solving. Additionally, it helps to develop skills in academic and programmatic solutions to domain-specific problems, problem-solving techniques, and evaluation of research and information for application. The course also improves general competence by promoting self-efficiency in study skills, reading, writing, critical reflection, scripting, and problem-solving. Topics Covered: Effective forms of communication, Problem solving, Finding and evaluating information sources and avoiding plagiarism, Academic writing, argumentation, and presentation development.

Semester 5

Advanced Incident Response: This course is designed to provide advanced knowledge in incident response across an enterprise. The focus is on identifying breaches and responding to incidents larger than a single machine. Students will gain knowledge of main process models used in incident response, automation of incident response, and the importance of large-scale documentation and evidence preservation. They will also develop skills in dealing with complex advanced incidents and using advanced techniques to handle enterprise level incidents. Furthermore, students will demonstrate their ability to communicate complex information to relevant stakeholders and systematically approach complex problems. Topics Covered: Incident Response at scale, Memory forensics, Adversary and Malware Hunting, Advanced Network Forensics.

Advanced Device Forensics: The course aims to provide students with a comprehensive, hands-on understanding of the analysis of alternative sources of digital evidence, including mobile devices, and the analytical skills necessary for interpreting complex data. Students will gain knowledge of the forensic potential and challenges associated with diverse digital devices, alternative approaches to data gathering, analysis, interpretation, and new technologies and devices involved in investigations. Skills to be acquired include applying sound forensic methodologies to diverse digital devices, drawing conclusions and forming opinions from recovered data, and extracting data from non-traditional devices. The course also emphasizes scientific analysis of unseen platforms and devices, and the ability to communicate facts and ideas to a lay audience. Topics Covered: Mobile Devices – Android, iOS, IoT/Embedded systems, Advanced analysis and data identification techniques.

Data Recovery and Advanced Imaging: The course explores data storage on various devices at both logical and physical levels, and the methods of data recovery. It provides knowledge on issues and problems that may arise during data recovery, data recovery methodologies, the process of data extraction from a variety of digital sources, and the concepts and usage of large-volume storage technologies. The course enhances skills in advising on data recovery methodologies, and identifying and collecting user data from large volume storage technologies. It also develops the competence to inform others about common storage device failure and the degree of difficulty in recovering material. Topics Covered: Data recovery techniques – physical and logical, Data repair techniques, Imaging techniques for damaged and remote devices.

Semester 6

Elective Courses: The elective courses provide students with specialisations within Digital Forensics and Incident Response; focusing on areas such as big data analytics, SIEM architecture, threat modelling, offensive and defensive security techniques, malware analysis, and reverse engineering. Students will learn to handle large-scale data, generate threat intelligence, understand security risks, and evaluate security strategies. Additionally, the courses will equip students with practical skills to isolate infected systems, analyse malicious code, and recover from cyber attacks. Topics varies dependent on the electives available and the elective chosen.

Bachelor Project: The course is designed to integrate the competence acquired during the study programme into a project. It aims to stimulate critical thinking, problem-solving, and the development of various skills, including oral communication, reporting, presentation, research, media literacy, teamwork, planning, self-sufficiency, and goal-setting. Students will gain knowledge of successful project elements, current issues in their study field, and the tools, technologies, and methodologies used for solution development. They will also learn investigative methods for their own research. The course enhances skills like preparing a formal analytical thesis, undertaking significant program-related projects, selecting and applying necessary tools and methodologies for domain-specific work, implementing research techniques, and critical reflection on academic and professional development. It emphasizes general competence such as self-reliance, effective problem presentation, self-reflection, effective project management, and awareness of current issues related to their field of study. Topics Covered: Independent thinking and justification of rationale and decisions, Demonstration of project management skills, Formulation of project aims, objectives, and plan, Research, review, and integration of information from appropriate sources, Development of appropriate design or methodology, Development and implementation of an artifact, Evaluation and critical appraisal of the research artifact and the overall project.

Programme Learning Outcomes

A Programme Learning Outcome (PLO) is essentially a statement that describes what the student has achieved upon successfully completing the degree. Each course description has its own set of learning outcomes, which contribute to the achievement of Programme Learning Outcomes. The PLOs for this degree are based on the Norwegian Qualifications Framework for Lifelong Learning (NQF) at bachelor level. The NQF levels are formulated on the basis of what a person know, can do and is capable of doing as a result of a learning process. The outcomes of the completed learning process are described in the categories: “knowledge”, “skills” and “general competences”.

Knowledge: Understanding of theories, facts, principles, procedures in subject areas and/or occupations.
Skills: Ability to utilise knowledge to solve problems or tasks (cognitive, practical, creative and communication skills.
General Competence: Ability to utilise knowledge and skills in an independent manner in different situations.

Students who are awarded a Bachelor in Digital Forensics and Incident Response have attained:

Knowledge

The candidate …

K1	has broad knowledge of procedures, methods and standards that are used for the preservation and analysis of digital devices.
K2	has broad knowledge of core computing concepts relevant to digital forensics and incident response.
K3	has broad knowledge of applicable legislation and ethics that apply to digital forensics and incident response.
K4	has knowledge of roles and responsibilities within digital forensics and incident response.
K5	is familiar with current practice, emerging research, and development work within digital forensic and incident response.
K6	can update their knowledge of processes, procedures, methodologies and toolsets relevant to digital forensic and incident response.
K7	has knowledge of the significance of digital technology and its place in society.

Skills

The candidate …

S1	can apply knowledge of digital forensics and incident response to undertake investigations and the remediation of digital systems from cyber-attacks.
S2	can apply knowledge of complex digital information to inform decisions and investigation direction.
S3	can reflect upon their own academic practice, with an ability to adapt and adjust to new situations given appropriate academic guidance and support.
S4	can find, evaluate, and refer to information, emerging research, and case studies to present sound solutions to problems.
S5	masters relevant tools and techniques to conduct investigation of digital evidence and cyber incidents.
S6	masters relevant techniques to interpret, present and communicate information, data, and cases logically.

General Competence

The candidate …

G1	has insight into moral and ethical issues related to academia and digital forensics and incident response.
G2	can plan and carry out assignments and projects over time, individually or as part of a team, in accordance with a given brief.
G3	can communicate in both written and verbal formats to ensure the information is presented and conveyed appropriately.
G4	can exchange opinions and experiences with peers and discipline professionals regarding practice and efficient procedures within digital forensics and incident response, thereby contributing to both organisational and personal development.
G5	is familiar with current and evolving processes and emerging technologies within digital forensics and incident response.

Teaching and Learning

Learning Activities

All studies use a variety of teaching and learning activities to encourage students to actively explore and apply new knowledge, along with developing skills and competencies. Each course will incorporate a range of teaching and learning methods according to which are most appropriate for that course – determined through a process of constructive alignment. The primary aim of these methods is to support the students’ learning process and facilitate the achievement of the learning outcomes. The applicable teaching and learning methods include, but are not limited to, the following:

Teacher-Led Activities (TLA)
Lectures and video lectures Online lessons Tutorials	Seminars Presentations

Teacher-Supported Work (TSW)
Practical Work Workshops	Scheduled guidance Group work

Self-Study (SST)
Research Reflection	Group work (Individual) Virtual Laboratory Work

Learning Resources

Key information for the degree is delivered in lectures, normally in one of the Campus auditoriums and as a live stream. Tutorials and supported study are delivered through laboratory-based sessions. All educational material is accessible through the LMS, which forms part of the Virtual Learning Environment (VLE), illustrated in Figure 1.

The LMS provides a central location for the distribution of all educational content and learning resources related to all courses throughout the program of study:

Programme Description
Course Descriptions
Lecture slides
Recorded lectures
Reading lists

Student Handbook
Tutorial exercises
Supplementary notes
Self-study material

The dates and times for all educational sessions for every course, including lectures and tutorials, can be found in the online timetabling system (TimeEdit).

Study Workload

The student workload has been carefully considered for each course to include an appropriate combination of activities suitable for the subject area.

Information and details about a specific course can be found in the respective Course Description. However, each course comprises a selection of lectures, tutorials, and other appropriate sessions. These are timetabled based on a full-time study schedule of 08:00 to 16:00, Monday to Friday.

At the start of each academic year, a Study Schedule is published and made accessible. It contains the planned start and end dates for all courses in the degree. The schedule also includes dedicated study time to work on projects and extra-curricular sessions, including seminars, workshops, and guest speakers from industry. If the schedule is updated, students are promptly informed.

Reading List

Anson, S., (2020) Applied Incident Response. 1st ed. John Wiley & Sons.
Bijalwan, A., (2021). Network forensics. CRC Press.
Carrier, B., (2005). File System Forensic Analysis. Addison-Wesley Professional.
Gerard, J,. (2020) Digital Forensics and Incident Response, 2nd ed. Packt Publishing.
Jaswal, N., (2019). Hands-on network forensics. Packt Publishing Ltd.
Jones A, Watson D. (2013) Digital Forensics Processing And Procedures: Meeting The Requirements Of ISO 17020, ISO 17025, ISO 27001 And Best Practice Requirements. 1st ed.
Le-Khac N, Choo K. (2020) Cyber And Digital Forensic Investigations. Cham: Springer International Publishing.
Nikkel, B., (2016). Practical forensic imaging. No Starch Press.
Palacin, V., (2021). Practical Threat Intelligence and Data-Driven Threat Hunting. Birmingham: Packt Publishing, Limited.

Assessment

Grading of Assessments

Each course in the study comprises of several graded (summative) assessments, where students can demonstrate their achievements and abilities. Information about assessments for each course is provided via the course pages on the LMS. When assessments are released, students are encouraged to always read through the instructions fully and carefully, to ensure the greatest chance of success. If anything is unclear, please contact the relevant Course Leader as soon as possible.

A course is successfully completed once the student has obtained a passing grade for that course. Every assessment has a specific completion deadline comprising a date and time. Work can be submitted any time up to the stated deadline. Students must be able to clearly demonstrate the extent to which they have met the learning outcomes of that course in order to pass. Students will encounter a variety of assessments, which may be used for formative and summative purposes, to ensure that students meet or exceeded the PLOs.

Specific assessment strategies for each course, and instructions for submitting course work, are detailed in the LMS course pages. Please see the regulations available on www.noroff.no/en.

Assessment
Formative	Continuous Assessment Online Test Interactive Online Test
Summative	Presentation of Practical Work Portfolio of Work Projects Online Exams Reports Term Paper Oral Test

Grading Scale

Both formative and summative results may be assessed as Approved / Not approved, Pass / Fail or A-F.
Assessments are graded according to the standard university grading scale, illustrated in the table below.

Grade Letter	Quality Indicator	Definition
A	Excellent	An excellent performance, clearly outstanding. Shows a high degree of independence.
B	Very good	A very good performance, above average. Shows a certain degree of independence.
C	Good	An average performance, satisfactory in most areas.
D	Satisfactory	A performance below average, with significant shortcomings.
E	Sufficient	A performance that meets the minimum criteria, but no more.
F	Fail	A performance that does not meet the minimum criteria.

Entry Requirements

For general admission it is required to document the following criteria as passed:

Higher Education Entrance Qualification, and
Candidates must be able to document proficiency in the English language.
Language requirements by Samordna Opptak

Special admission requirements:
In addition to the general admission requirements, it is required to document the following:

Mathematics R1 (S1+S2)

For admission on basis of prior learning and work experience:
Admission based on prior experience requires a written application for evaluation. Applicable candidates must be at least 25 years of age in the year of admission.

For candidates with foreign education the requirements for Higher Education are:

The country must be recognized by NOKUT, specified in the GSU-list.
Candidates must be able to document proficiency in the English language.
Language requirements by Samordna Opptak

For further information, please see the admission requirements: https://www.noroff.no/en/admission/admission-requirements

Campus and Online Study

All students follow the same progression according to their education plan, irrespective of whether they study online or on campus. All students study the courses at the same time, with the same delivery and workload, following identical assessment strategies for every course. At the study level no distinction is therefore made between campus and online students. All students are required to engage in live education sessions (such as lectures) and undertake all required educational activities.

Students are encouraged to interact with each other via online forums and chat systems, enabling discussions to take place involving both online and campus students. Each student cohort is therefore a single learning community, concurrently engaging in all educational activities irrespective of actual physical location. Throughout all educational sessions course staff actively encourage participation from campus and online students simultaneously, and do not focus solely on those who are physically present.

This tight integration of campus and online ensures students will be part of a cohesive learning community throughout their study. As a result, this also means that should students' personal situations change during their studies, and they must change their mode of study from online to campus (or vice versa) this can be done with little to no disruption to their studies.

Opportunities for Further Studies

The subject material will enable graduates to go on to postgraduate study, for example:

M Cyber Security (University in Agder)
M Information Security (NTNU)
M Criminal Investigations (University of Derby)
M Cyber Security (Teesside University)
M Digital Forensics and Cyber Investigation (Teesside University)
M Computer Forensics (University of South Wales)
M Cyber Security and Digital Forensics (Leeds Beckett University)

Undertaking some period of study at an international educational institution can result in many benefits to those who take part, including:

Language and general competence in the destination country and culture
Development of personal and professional networks in other parts of the world
Personal growth and holistic development.

All students are eligible to apply to undertake a period of study at an international university. All international study opportunities are subject to the application processes and admissions requirements of the international institution, in addition to an evaluation of the suitability of the proposed study exchange within the students’ study at NUC. Full details of international study opportunities and the application process is available to all students within the LMS.

Possible Professions

Graduates understand business security needs examined and are able to ensure that such security solutions are implemented correctly, and that they are in fact adequate to mitigate the risks the organisation faces in the given context. The graduate is enabled to fulfil a number of distinct employment titles, such as the following:

Digital Forensics Investigator
Intrusion Analyst
Cyber Security Incident Responder
Cyber Security Analyst
CERT Specialist
SOC Analyst

Accredited

June, 2023