IT Security/Operational/Forensics
This lesson covers forensics procedures.
Objectives and Skills
editObjectives and skills for the forensics procedures portion of Security+ certification include:[1]
- Given a scenario, implement basic forensic procedures.
- Order of volatility
- Capture system image
- Network traffic and logs
- Capture video
- Record time offset
- Take hashes
- Screenshots
- Witnesses
- Track man hours and expense
- Chain of custody
- Big Data analysis
Readings
editMultimedia
edit- YouTube: Order of Volatility - CompTIA Security+ SY0-401: 2.4
- YouTube: Capturing System Images - CompTIA Security+ SY0-401: 2.4
- YouTube: Capturing Network Traffic and Logs - CompTIA Security+ SY0-401: 2.4
- YouTube: Capturing Video - CompTIA Security+ SY0-401: 2.4
- YouTube: Recording Time Offsets - CompTIA Security+ SY0-401: 2.4
- YouTube: Taking Hashes - CompTIA Security+ SY0-401: 2.4
- YouTube: Taking Screenshots - CompTIA Security+ SY0-401: 2.4
- YouTube: Interviewing Witnesses - CompTIA Security+ SY0-401: 2.4
- YouTube: Tracking Man-Hours and Expenses - CompTIA Security+ SY0-401: 2.4
- YouTube: Chain of Custody - CompTIA Security+ SY0-401: 2.4
- YouTube: Big Data Analysis - CompTIA Security+ SY0-401: 2.4