When I said I don't know much about, it was a reference meaning I don't have personal, first-hand experience of the coursework and classroom, JD. Go scout up the Edmonds Community College and Steve Hailey as well, it is well worth it since Steve Hailey is the developer of the CSFA.
I actually have in my possession the literature, met the instructors, and am acquainted with people who are enrolled for the City University program. However, I don't know what their classroom experience is, how well they are doing in the local job market, and the perspective of local employers. I considered enrolling, but have not gone any further since I only found out about them around a month ago and just finished taking the SSCP - there are only so many hours in the day.
Now that I have further elaborated my obviously all too brief statement, I will say this much: forensics certifications - don't do any that are only 5-day courses (like CHFI). These certifications may require that at some time in the future that you appear on the stand in a criminal or civil case as an expert witness. As an expert witness you will be asked how much training you have had with your tools, how you acquired your knowledge, etc. The opposing side will have their expert witness sitting by ready to challenge every statement you make, if all you have done is a 5-day course, it won't be fun, you might be liable, and you may never get another case. You need to know a wide collection of tools as well, not just one.
Forensics is not like collecting another cert, it is serious business to practice forensics. But do as you will.
if all you have done is a 5-day course, it won't be fun, you might be liable, and you may never get another case.
No lawyer would put anyone like that in a courtroom. They wouldn't even make it through a deposition. A lawyer looks at a forensic examiner's CV first, and if the experience isn't on there you'll never get a call. Therefore, a $15/hr tool-monkey working in a forensics lab should never need worry about getting called to testify on a case.
And I only replied to your post because you didn't provide a link to City U's program for other interested readers to follow.
JD did you read any more of Digital Forensics for Network, Internet, and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data? Richard Bejtlich gave it a pretty crappy review so I am wondering about your thoughts on it....
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
JD, as a person who has taken the oscp course do you feel that this is in line with oscp level knowledge or is it closer to CEH knowledge? I am thinking of picking this book up sometime in the summer (after I am done with the elearnsecurity course and a few other books).
The book is useful for learning material in the CEH, LPT, OCSP, and OSCE certs. The Offensive Security certs actually use BackTrack in the training and exams. CEH has very little material about pen testing, but most of the tools found in the CEH can be used on BackTrack. I've never seen the LPT cert materials, but I'm guessing BackTrack should be very useful too.
JD, thanks for the fantastic thread. Ive got family in CF and this has been an interesting to read, helping me to learn more specifically about what they do.
Can you elaborate a bit on the differences between something like incidence response and other CF fields? Ive got a broad understanding of the different areas, but find that things really become refined when laying out a plan for certs to achieve and the desired place to land in the info sec industry.
Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS. Next up: eventually the RHCEand to start blogging again. Control Protocol; my blog of exam notes and IT randomness
Can you elaborate a bit on the differences between something like incidence response and other CF fields?
Computer forensics techniques can be used in an incident response operation, but only if that type of evidence gathering and data collection is needed to document and resolve the incident. CF is formally used when the result of the investigation may be reported in a court of law. If an incident will not involve the legal system (such as with administrative rule violations within a corporation), computer forensics is not used. However, you an still use computer forensics techniques to collect evidence of misuse of company resources, workplace harassment, violations of corporate security policies, etc. This is what most people think computer forensics is really used for.
WGU'S session with Mr. Wade was very informative. It was great to hear from an expert in the field. If you couldn't make it you can still view the recording by going to the link below. While viewing the recording you can also download the files in the share window. First file is just the briefing and the other is a zip file with a video and briefing slides. Enjoy!
One of my computer forensics instructors was interviewed by Tom Hulce of KNX 1070 AM and talks about the series of computer forensics classes I took with him. It's really just a collection of sound bites, but the information is interesting and accurate.
JD, have you listened to CyberSpeak? I'm hooked on the podcast, and I'm nearly through listening to all the past episodes.
Yes, I've listened to some of the episodes and do like it. They are released at irregular intervals, so I tend to forget about it. The same is true with Cyber Crime 101,Forensics 4cast and Inside the Core.
One of my computer forensics instructors was interviewed by Tom Hulce of KNX 1070 AM and talks about the series of computer forensics classes I took with him. It's really just a collection of sound bites, but the information is interesting and accurate.
Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS. Next up: eventually the RHCEand to start blogging again. Control Protocol; my blog of exam notes and IT randomness
The August 15, 2011 CyberSpeak podcast has an excellent interview with a CF professional on "the do's and don'ts of testifying in court." Most people think CF is all about searching for evidence on information storage systems. It's also about creating documentation and presenting it in court. It's a must-listen for anyone thinking of going into CF.
The August 15, 2011 CyberSpeak podcast has an excellent interview with a CF professional on "the do's and don'ts of testifying in court." Most people think CF is all about searching for evidence on information storage systems. It's also about creating documentation and presenting it in court. It's a must-listen for anyone thinking of going into CF.
I enjoyed that one as well. VERY interesting. I watched the videos of the forensic investigators testifying at the Cassie Anthony trial.
I watched the videos of the forensic investigators testifying at the Cassie Anthony trial.
Hey, post the link(s) for those. I heard the investigator talking about that too and I wanted to watch them. That's the kind of stuff they should have over at www.SecurityTube.net. Somebody needs to make a www.forensicstube.com for sure.
The August 15, 2011 CyberSpeak podcast has an excellent interview with a CF professional on "the do's and don'ts of testifying in court." Most people think CF is all about searching for evidence on information storage systems. It's also about creating documentation and presenting it in court. It's a must-listen for anyone thinking of going into CF.
Great podcast. Thanks for the link JD. I had watched the testimony of Sandra Osborne and Kevin Stenger, previously. Listening to Jones talk about preparation and perspectives on testimony was quite interesting.
Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS. Next up: eventually the RHCEand to start blogging again. Control Protocol; my blog of exam notes and IT randomness
Oh, how the pile grows. I really wish I could learn like Leeloo Dallas Multi-pass does in the 5th Element. Scan and absorb.
Say, Sgt. Gibson is packing his pistol while sitting there at home, isn't he?
Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS. Next up: eventually the RHCEand to start blogging again. Control Protocol; my blog of exam notes and IT randomness
I'm taking the EnCE practical exam now and it's kicking my butt so far. Good thing EnCE candidates are given 60 days to chew on it. And I do mean "chew."
I'm taking the EnCE practical exam now and it's kicking my butt so far. Good thing EnCE candidates are given 60 days to chew on it. And I do mean "chew."
Do you think the training you took prepared you enough? By the way, I don't know if you have the answer for this or not but, do you know if you need the full version of FTK to take the ACE exam?
Comments
I actually have in my possession the literature, met the instructors, and am acquainted with people who are enrolled for the City University program. However, I don't know what their classroom experience is, how well they are doing in the local job market, and the perspective of local employers. I considered enrolling, but have not gone any further since I only found out about them around a month ago and just finished taking the SSCP - there are only so many hours in the day.
Now that I have further elaborated my obviously all too brief statement, I will say this much: forensics certifications - don't do any that are only 5-day courses (like CHFI). These certifications may require that at some time in the future that you appear on the stand in a criminal or civil case as an expert witness. As an expert witness you will be asked how much training you have had with your tools, how you acquired your knowledge, etc. The opposing side will have their expert witness sitting by ready to challenge every statement you make, if all you have done is a 5-day course, it won't be fun, you might be liable, and you may never get another case. You need to know a wide collection of tools as well, not just one.
Forensics is not like collecting another cert, it is serious business to practice forensics. But do as you will.
And I only replied to your post because you didn't provide a link to City U's program for other interested readers to follow.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
SANS 5 & 6 Day Forensics Courses
SANS vLive! Forensics 508: Advanced Computer Forensic Analysis and Incident Response
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
The SANS Computer Forensics web site is great place for learning or expanding knowledge on computer forensics: SANS Computer Forensics Training, Incident Response with Rob Lee
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
Yeah, that's an unfavorable review all right. I haven't tried to read it, but now maybe I'll just look at the NetFlow and NetWitness chapters.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
BackTrack 4: Assuring Security by Penetration Testing | TechExams.net Blogs
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Good Review.
JD, as a person who has taken the oscp course do you feel that this is in line with oscp level knowledge or is it closer to CEH knowledge? I am thinking of picking this book up sometime in the summer (after I am done with the elearnsecurity course and a few other books).
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Can you elaborate a bit on the differences between something like incidence response and other CF fields? Ive got a broad understanding of the different areas, but find that things really become refined when laying out a plan for certs to achieve and the desired place to land in the info sec industry.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
WGU Alumni Community - Cyber Forensics Open Forum with George Wade
Episode 38 – Independent Women REPOST : Forensic 4cast
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
http://www.csufextension.org/ueeimages/ueeCertPDF/Andy_S.mp3
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Great clip JD. Thanks for sharing it.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
I enjoyed that one as well. VERY interesting. I watched the videos of the forensic investigators testifying at the Cassie Anthony trial.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
The testimony is not just that of Sandra Osborne, but also Sgt. Kevin Stenger.
Video - Police Computer Forensics Expert Sandra Osborne Testifies at the Casey Anthony Murder Trial on June 8, 2011 - National Crime | Examiner.com
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Great podcast. Thanks for the link JD. I had watched the testimony of Sandra Osborne and Kevin Stenger, previously. Listening to Jones talk about preparation and perspectives on testimony was quite interesting.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness
Digital Video Forensics On A Shoestring,
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Oh, how the pile grows. I really wish I could learn like Leeloo Dallas Multi-pass does in the 5th Element. Scan and absorb.
Say, Sgt. Gibson is packing his pistol while sitting there at home, isn't he?
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness
I'm taking the EnCE practical exam now and it's kicking my butt so far. Good thing EnCE candidates are given 60 days to chew on it. And I do mean "chew."
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Do you think the training you took prepared you enough? By the way, I don't know if you have the answer for this or not but, do you know if you need the full version of FTK to take the ACE exam?