HWZ Forums


Digital Forensics Course

Old 01-08-2012, 12:35 PM   #46
Senior Member
 
Join Date: May 2010
Posts: 1,897
In general, operations staff will not have chance to rub shoulders with senior staff unless things happen.

They are also one of the staff that the company says it can do without and will lay you off without the blink of an eye, only to realize their importance when things can't be handled or when things go awry.

Digital Forensics, in some way, is: put the image into Encase, click here and there. Then out comes a report.
LOL... this is not what forensics is for.
dongdong88 is offline   Reply With Quote
Old 01-08-2012, 02:41 PM   #47
Arch-Supremacy Member
 
Join Date: May 2010
Posts: 16,555
Financial/Accounting Forensics specialist reviews businesses' or companies' financial records for signs of fraud/misrepresentation or money laundering. The Big 4 and major banks normally hire these people for a very good salary. Something like an auditor but more specialized. They are used when a company has a major financial scandal, e.g. Olympus. The BOD normally will hire an audit firm to do a third party audit. That's where financial forensics people come in.

In short, to catch people cooking the books la. These are the real specialists. Digital Forensics, in some way, is: put the image into Encase, click here and there. Then out comes a report.

Financial forensics must really manually review every statement and financial record in the company.
..... cannot disagree in a sense...
__________________
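Cast off the mundane and shallow, and roam among the lofty and enlightened. Seek not to conform to custom, but to accord with reason. Seek not to be known by men, but to be known by Heaven.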
MoeMoeSama is offline   Reply With Quote
Old 02-08-2012, 12:13 AM   #48
Senior Member
 
Join Date: Jan 2009
Posts: 960
Running forensics software is like running a vulnerability scanner, in a simplistic view. Input scan settings, final result is a raw output report, open ports/services. Based on the raw data, input risk and recommendations.

Same for forensics analysis. Say download porn policy violations. So grep the HDD image for keywords, or try to retrieve deleted images. Same context to me.

Encase and FTK have come to a stage whereby a lot of searches are templated and automated. E.g. Search for Porn .. Click Yes. Of course there is more advanced stuff like timeline comparison and system activity review.
Xiaosa1 is offline   Reply With Quote
Old 02-08-2012, 12:37 AM   #49
Senior Member
 
Join Date: May 2010
Posts: 1,897
Yes... the software is meant to aid the analyst.

However, one needs to go further than just clicking here and there...
dongdong88 is offline   Reply With Quote
Old 05-08-2012, 08:21 PM   #50
Senior Member
 
Join Date: Jan 2009
Posts: 960
For those who are interested in looking at the actual scope of computer forensics jobs, VISA Singapore is looking for a Sr. Information Security Analyst (Computer Forensics). The job advertisement is available on its website.
Xiaosa1 is offline   Reply With Quote
Old 06-08-2012, 10:54 PM   #51
Arch-Supremacy Member
 
Join Date: May 2010
Posts: 16,555
For those who are interested in looking at the actual scope of computer forensics jobs, VISA Singapore is looking for a Sr. Information Security Analyst (Computer Forensics). The job advertisement is available on its website.
RESPONSIBILITIES
Lead and conduct technical investigations of information security related incidents on a global network while using computer forensics tools such as Encase, FTK and F-Response for evidence collection and analysis
Analyze suspicious binaries and network forensic logs as part of the efforts to mitigate potential targeted threats against the company
Identify, record and manage host- and network-based indicators of compromise (IOCs)
Act as Subject Matter Expert on information security related issues pertaining to Investigations and Incident Response where you will guide other teams through your case recommendations
Interact and assist other investigative teams within Visa on time sensitive, critical investigations
Review, interpret and communicate risk and business impacts of security exploits, patches and vulnerabilities
Lead structured response and subsequent remediation of large scale Security Incidents ensuring involvement of correct technical and non-technical teams
Develop and conduct Incident Response mock scenarios for training on an annual basis
Develop, document and implement process level improvements for Investigations and Incident Response (e.g. updates to Computer Security Incident Response Team (CSIRT) Handbook, cross team processes etc.)
Mentor and train staff on Investigations and Incident Response


Qualifications


Bachelor's Degree in Computer Science (or related field) or equivalent work experience
8 to 10 years of experience in Information Security, with a concentrated focus on Incident Response, Forensics, Investigations and Case Management
CISSP and EnCE completed or “exam ready”
Demonstrated ability to handle sensitive and confidential information and matters is essential.
Possess highly developed analytical reasoning skills with the ability to recognize and evaluate facts, objectively analyze situations, synthesize and organize data/information from multiple sources
Advanced level experience using network and system forensics tools
Familiarity with malware reverse engineering and ethical hacking beneficial
The ability to work effectively with other functional areas and understand the operational and cultural issues relevant to achieving superior results
Strong knowledge and administrative experience on Windows and UNIX platforms
Knowledge of mid-range and mainframe operating environments - Tandem, MVS, TPF, OS-400 preferred
Able to draft, interpret and communicate policies, procedures and technical requirements
Must be both a self-starter and team player; must work well independently with limited supervision
Excellent written and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively.
Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
Candidate must possess a strong aptitude for Risk Management
GREM, CFCE, GCIH, GCFA, EnCE, CHFI, GCIA, GCED, GPEN Certifications preferred
Established network in the law enforcement community is preferred.



Info. Security Specialist (Computer Forensics)


Is on LinkedIn and Visa website :0
MoeMoeSama is offline   Reply With Quote
Old 07-08-2012, 09:18 PM   #52
Senior Member
 
Join Date: Jan 2009
Posts: 960
The job scope had confirmed some requirements of a Cyber forensics analyst discussed in this thread

1. Ex Police force
2. Trained investigator
3. Incident handling skills and Information Sec knowledge
4. Multiple Certifications required
5. Product certified required (FTK/Encase)
Xiaosa1 is offline   Reply With Quote
Old 08-08-2012, 05:44 PM   #53
Junior Member
 
Join Date: Mar 2012
Posts: 40
I think the point is very important for us: "Incident handling skills and Information Sec knowledge". Everyone needs the skills, just my opinion.
shallwechen is offline   Reply With Quote
Old 08-08-2012, 07:54 PM   #54
Arch-Supremacy Member
 
Join Date: May 2010
Posts: 16,555
The job scope had confirmed some requirements of a Cyber forensics analyst discussed in this thread

1. Ex Police force
2. Trained investigator
3. Incident handling skills and Information Sec knowledge
4. Multiple Certifications required
5. Product certified required (FTK/Encase)
1. and 2. are basically the same... what they want is the connection, and also being in PTD gives you experience in presenting evidence in court.. that's what I hear la.
MoeMoeSama is offline   Reply With Quote
Old 08-08-2012, 10:12 PM   #55
Senior Member
 
Join Date: Jan 2009
Posts: 960
1. and 2. are basically the same... what they want is the connection, and also being in PTD gives you experience in presenting evidence in court.. that's what I hear la.
Just to be clear. Your point is only applicable in Singapore. In countries like United States, there are a lot of people who are licensed investigators, without ex police force status, but still with the relevant network.

For example, private investigators, commercial/fraud investigators even bounty hunters....
Xiaosa1 is offline   Reply With Quote
Old 09-08-2012, 02:37 PM   #56
Arch-Supremacy Member
 
Join Date: May 2010
Posts: 16,555
Just to be clear. Your point is only applicable in Singapore. In countries like United States, there are a lot of people who are licensed investigators, without ex police force status, but still with the relevant network.

For example, private investigators, commercial/fraud investigators even bounty hunters....
Yes, true, can't disagree on that viewpoint
MoeMoeSama is offline   Reply With Quote
Old 11-08-2012, 03:44 PM   #57
Senior Member
 
Join Date: May 2010
Posts: 1,897
A job posting on Symantec. I wonder if it is part of their job scope to post blogs.

Seems like some of the things will go on the blog...

Senior IT Security Threat Analyst at Symantec in Singapore - Job | LinkedIn
dongdong88 is offline   Reply With Quote
Old 22-07-2013, 01:39 AM   #58
Junior Member
 
Join Date: Jul 2013
Posts: 6
Not sure if this is the right place, but do any of you senior forensic specialists have experience in EnScript, the language for Encase? I have faced some errors in trying to make a simple script. It seems Singapore is trying to push forward studies in this area, seeing the polytechnic course in digital forensics, and a university is going to be built within the polytechnic for digital forensics.
scythe.weee is offline   Reply With Quote
Old 16-08-2013, 05:29 PM   #59
Supremacy Member
 
Join Date: Apr 2003
Posts: 6,564
Sooner or later all forensics will start to have requirements of CCFP....from ISC2.
__________________
Talent is God-Given, Be Humble, Fame is Man-Given, Be Grateful, Conceit is Self-Given, Be Careful
xfiles_wolvie is offline   Reply With Quote
Old 07-01-2014, 10:34 PM   #60
Junior Member
 
Join Date: Sep 2011
Posts: 32
You can find out more about Degree in Cyber Forensics here. This is a Murdoch SMF programme.
lee7stc is offline   Reply With Quote