IT Security/Operational/Forensics

This lesson covers forensics procedures.

Objectives and Skills

Objectives and skills for the forensics procedures portion of Security+ certification include:[1]

Given a scenario, implement basic forensic procedures.
  • Order of volatility
  • Capture system image
  • Network traffic and logs
  • Capture video
  • Record time offset
  • Take hashes
  • Screenshots
  • Witnesses
  • Track man hours and expense
  • Chain of custody
  • Big Data analysis

Readings

Multimedia

  1. YouTube: Order of Volatility - CompTIA Security+ SY0-401: 2.4
  2. YouTube: Capturing System Images - CompTIA Security+ SY0-401: 2.4
  3. YouTube: Capturing Network Traffic and Logs - CompTIA Security+ SY0-401: 2.4
  4. YouTube: Capturing Video - CompTIA Security+ SY0-401: 2.4
  5. YouTube: Recording Time Offsets - CompTIA Security+ SY0-401: 2.4
  6. YouTube: Taking Hashes - CompTIA Security+ SY0-401: 2.4
  7. YouTube: Taking Screenshots - CompTIA Security+ SY0-401: 2.4
  8. YouTube: Interviewing Witnesses - CompTIA Security+ SY0-401: 2.4
  9. YouTube: Tracking Man-Hours and Expenses - CompTIA Security+ SY0-401: 2.4
  10. YouTube: Chain of Custody - CompTIA Security+ SY0-401: 2.4
  11. YouTube: Big Data Analysis - CompTIA Security+ SY0-401: 2.4

Activities

See Also

References