Expanding Computer Forensics Knowledge

By: Kyle Cavalieri, Manger of Computer Forensics and Investigations, DIGITS LLC

Recently we had an inquiry from a follower who recently obtained a computer forensics certification from an online resource. Our follower asked if we recommend that they take a course involving more hands on experience?

Mr. Cavalieri’s response:

Hands on experience is a MUST.  I would recommend any of the SANS DFIR courses for instructor led training courses.  If cost is an issue, I would highly recommend attending conferences and webinars to fill in the void of what was taught in the classroom to what is practice in the field.  I believe the SIFT Workstation (running on Ubuntu) created by Rob Lee (SANS Faculty Fellow) is free to SANS members (membership is free).  He has a wealth of great tools installed on the SIFT Workstation and there is plenty of documentation available to guide the user through the use of the tool(s).

I would highly recommend purchasing textbooks in the specialty areas he or she wants to dive into.  I think its a necessity to have File System Forensic Analysis by Brian Carrier and Windows Network Forensics and Investigation by Steve Anson and Steve Bunting in any Forensic Examiner’s library.

At the end of the day, any good examiner needs to be proactive and test new systems and determine how to find those valuable forensic artifacts that may make or break your investigation.

If you have any other questions, please feel free to contact us at info@digitsllc.com.  Stay connected!


Comments/Questions for DIGITS LLC?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s