What a Computer Forensics Investigator needs to understand
A Computer Forensics Investigator needs to be able to understand the process of investigating a cybercrime, the laws involved and the details in obtaining the necessary authorisation to perform the investigation.
Each computer forensics case is different, and each country’s laws are different too. Most difficult of all: attacks are becoming more elaborate every day.
The Computer Forensics Investigator must have the necessary information technology and security skills, to be able to deal with these different situations.
The examination process – and the many different types of digital evidence - makes computer forensics a time-consuming process. So a Computer Forensics Investigator must also have the necessary skills to manage projects and resources.
First things first: the First Responder
The most important function of a computer forensics investigator starts with the First Responder. Roles of the First Responder include: securing, evaluating and documenting the electronic crime scene; conducting preliminary interviews; collecting, preserving, packaging and transporting electronic evidence; and finally reporting the crime.
The role of the Computer Forensics Investigator
Below are a few actions required of the Investigator:
• Recover deleted files and deleted partitions in Windows, Mac OS X, and Linux
• Crack passwords, understand password-cracking processes and have access to password-cracking tools
• Understand types of password attacks and how to investigate a password-protected file breach
• Understand different types of log capturing techniques, log management, log capturing tools and time synchronisation
• Investigate logs, network traffic, wireless attacks, and web attacks
• Track e-mails and investigate e-mail crimes.
How does computer forensics fit within the ethical hacking world?
Ethical hacking is a function of computer forensics. Ethical hacking is the process that follows vulnerability assessments and scanning. Ethical hacking is the art of exploitation with permission - and thus is a mandatory skill and requirement within the computer forensics world.
When a computer forensics investigator is tasked with the collection, examination, identification, preservation, recovery, analysis and presentation of evidence as facts; ethical hacking is the fundamental skill to achieve these effectively.
Computer forensics certifications
There are several computer forensics certs to choose from. These are the best:
· C|HFIv8 - Computer Hacking Forensics Investigatorfrom the EC-Council
· GCFE - Forensics Examinerfrom the GIAC (SANS)
· CCFE - Certified Computer Forensics Examinerfrom the IACRB
· CCE - Certified Computer Examinerfrom the ISFCE
A Computer Forensics Investigator needs to be able to understand the process of investigating a cybercrime, the laws involved and the details in obtaining the necessary authorisation to perform the investigation.
Each computer forensics case is different, and each country’s laws are different too. Most difficult of all: attacks are becoming more elaborate every day.
The Computer Forensics Investigator must have the necessary information technology and security skills, to be able to deal with these different situations.
The examination process – and the many different types of digital evidence - makes computer forensics a time-consuming process. So a Computer Forensics Investigator must also have the necessary skills to manage projects and resources.
First things first: the First Responder
The most important function of a computer forensics investigator starts with the First Responder. Roles of the First Responder include: securing, evaluating and documenting the electronic crime scene; conducting preliminary interviews; collecting, preserving, packaging and transporting electronic evidence; and finally reporting the crime.
The role of the Computer Forensics Investigator
Below are a few actions required of the Investigator:
• Recover deleted files and deleted partitions in Windows, Mac OS X, and Linux
• Crack passwords, understand password-cracking processes and have access to password-cracking tools
• Understand types of password attacks and how to investigate a password-protected file breach
• Understand different types of log capturing techniques, log management, log capturing tools and time synchronisation
• Investigate logs, network traffic, wireless attacks, and web attacks
• Track e-mails and investigate e-mail crimes.
How does computer forensics fit within the ethical hacking world?
Ethical hacking is a function of computer forensics. Ethical hacking is the process that follows vulnerability assessments and scanning. Ethical hacking is the art of exploitation with permission - and thus is a mandatory skill and requirement within the computer forensics world.
When a computer forensics investigator is tasked with the collection, examination, identification, preservation, recovery, analysis and presentation of evidence as facts; ethical hacking is the fundamental skill to achieve these effectively.
Computer forensics certifications
There are several computer forensics certs to choose from. These are the best:
· C|HFIv8 - Computer Hacking Forensics Investigatorfrom the EC-Council
· GCFE - Forensics Examinerfrom the GIAC (SANS)
· CCFE - Certified Computer Forensics Examinerfrom the IACRB
· CCE - Certified Computer Examinerfrom the ISFCE
Post a Comment
I'm certainly not an expert, but I'll try my hardest to explain what I do know and research what I don't know. Be sure to check back again , after moderation i do make every effort to reply to your comments .