|eForensics_2015 - preview.pdf|
TABLE OF CONTENTS
1. WINDOWS FORENSICS ANALYSIS - Collecting Volatile and Non-Volatile Information
by Muhammad Irfan, CISA, CHFI, CEH, VCP, MCSE, RHCE, CCNA and CCNA Security
For any forensic investigation, the most challenging task is collecting the information that will lead the investigation in the right direction and to a successful resolution. If the relevant information is not collected, the investigation cannot proceed correctly and may yield nothing useful. If the collection is done properly, there is the best possible chance of identifying the culprit and closing the case successfully.
2. INSTALLING ACCESSDATA FTK IMAGER
by Bridgette Braxton, Executive Assistant at Jet Propulsion Laboratory
AccessData FTK Imager provides an easy way to image a hard drive, allowing the investigator to create dd (raw), SMART and EnCase (E01) images. The program loads quickly, creates forensic images that allow easy previewing of the drive's files, folders and media, mounts images read-only so the contents of the original drive can be examined without modification, exports and recovers deleted files that have not yet been overwritten, and records MD5 and SHA-1 hashes that verify the image has not been altered since acquisition. FTK Imager is a free program provided by AccessData, the same company that provides FTK Imager Lite. It is one of the best drive-imaging and evidence-collection programs I have used, and it is a court-accepted digital forensic tool.
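The integrity check the article refers to, as an added example in Python (not code from the article or from AccessData): hash a raw image, whether a single file or split into segments, in one pass for both MD5 and SHA-1, and compare the result with the hashes recorded at acquisition. The sample image bytes and the recorded hash values are constructed for the example; the segment file names and the function names are assumptions, not FTK Imager's own.

```python
"""Verify a dd-style disk image against the MD5 and SHA-1 hashes recorded at
acquisition.  Added example, not code from the article or from AccessData."""
import hashlib
from typing import Dict, Iterable, List

CHUNK_SIZE = 1024 * 1024  # hash 1 MiB at a time so multi-gigabyte images never sit in memory


def hash_image(segments: Iterable[bytes]) -> Dict[str, str]:
    """Return MD5 and SHA-1 hex digests over all segments as one byte stream.

    A split image (image.001, image.002, ...) is hashed across segment
    boundaries exactly as the original evidence drive would be, and both
    digests are produced in a single pass over the data.
    """
    md5 = hashlib.md5()
    sha1 = hashlib.sha1()
    for segment in segments:
        for offset in range(0, len(segment), CHUNK_SIZE):
            chunk = segment[offset:offset + CHUNK_SIZE]
            md5.update(chunk)
            sha1.update(chunk)
    return {"md5": md5.hexdigest(), "sha1": sha1.hexdigest()}


def verify_image(segments: Iterable[bytes], recorded: Dict[str, str]) -> Dict[str, bool]:
    """Compare the computed digests with the recorded ones, per algorithm.

    Acquisition logs often list hashes in upper case; normalise before comparing
    so a case difference is not mistaken for tampering.
    """
    computed = hash_image(segments)
    return {alg: computed[alg] == recorded[alg].strip().lower() for alg in ("md5", "sha1")}


def read_segments(paths: List[str]) -> Iterable[bytes]:
    """Yield the contents of each segment file in CHUNK_SIZE pieces (paths are hypothetical)."""
    for path in paths:
        with open(path, "rb") as fh:
            while True:
                piece = fh.read(CHUNK_SIZE)
                if not piece:
                    break
                yield piece


# Constructed sample: the "evidence" is the three bytes b"abc", acquired as two
# segment files.  The recorded digests are the well-known MD5/SHA-1 of "abc".
SAMPLE_SEGMENTS = [b"a", b"bc"]
RECORDED_HASHES = {
    "md5": "900150983CD24FB0D6963F7D28E17F72",
    "sha1": "A9993E364706816ABA3E25717850C26C9CD0D89D",
}
TAMPERED_SEGMENTS = [b"a", b"bd"]  # one byte changed after acquisition

if __name__ == "__main__":
    print("original:", verify_image(SAMPLE_SEGMENTS, RECORDED_HASHES))
    print("tampered:", verify_image(TAMPERED_SEGMENTS, RECORDED_HASHES))
    # Real use: verify_image(read_segments(["evidence.001", "evidence.002"]), RECORDED_HASHES)
```

Recording both digests is the point: MD5 and SHA-1 both have known collision attacks, and an image that matches on both is far harder to forge than one that matches on MD5 alone. Re-run the check after every copy of the image, not only at acquisition, and keep the recorded hashes in the case notes rather than alongside the image they protect.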
3. SQL Server Statistics Overview
by Chris Kitchen – a SQL Server Administrator/Developer with 12 years' experience
You will learn what SQL Server statistics are, how their behaviour changes as the data changes, why it is important to keep statistics up to date, and how to use the application I have written to update them, report on them, or generate the syntax to update them at a later date.
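What such a tool has to decide, as an added example in Python (not the author's application): which statistics are stale, and the UPDATE STATISTICS syntax to refresh them. The input rows are constructed to resemble the columns a query over sys.stats joined to sys.dm_db_stats_properties returns; no connection to a server is made. The staleness rule is an assumption taken from SQL Server's documented automatic-update threshold (500 plus 20% of rows on older compatibility levels, capped at the square root of 1000 times the row count from compatibility level 130), plus an age limit; table and statistic names are hypothetical.

```python
"""Decide which SQL Server statistics are stale and emit UPDATE STATISTICS
syntax for them.  Added example, not the author's application."""
from dataclasses import dataclass
from datetime import datetime, timedelta
import math
from typing import List


@dataclass(frozen=True)
class StatRow:
    """One row of the shape a query over sys.stats joined to
    sys.dm_db_stats_properties returns (constructed for this example)."""
    schema: str
    table: str
    stat: str
    rows: int
    modification_counter: int
    last_updated: datetime


AS_OF = datetime(2015, 6, 1)  # "now" for the constructed sample

# Constructed sample rows; names are hypothetical.
SAMPLE_ROWS = [
    StatRow("dbo", "Orders", "IX_Orders_CustomerId", 1_000_000, 40_000, datetime(2015, 5, 25)),
    StatRow("dbo", "Customers", "PK_Customers", 10_000, 3_000, datetime(2015, 5, 25)),
    StatRow("dbo", "AuditLog", "_WA_Sys_00000002_0F975522", 500, 0, datetime(2015, 1, 10)),
    StatRow("dbo", "Products", "IX_Products_Name", 200, 10, datetime(2015, 5, 30)),
]


def auto_update_threshold(rows: int, compat_level: int) -> int:
    """Rows that must change before SQL Server's own auto-update fires.

    Compatibility level 120 and below: 500 changes for tables of up to 500 rows,
    otherwise 500 + 20% of the row count.  Level 130 and above additionally caps
    that at sqrt(1000 * rows), so very large tables are refreshed far sooner.
    """
    legacy = 500 if rows <= 500 else 500 + int(rows * 0.2)
    if compat_level >= 130:
        return min(legacy, int(math.sqrt(1000 * rows)))
    return legacy


def is_stale(row: StatRow, compat_level: int, as_of: datetime, max_age_days: int) -> bool:
    """Stale if enough rows changed to cross the threshold, or the statistic is simply old."""
    too_many_changes = row.modification_counter >= auto_update_threshold(row.rows, compat_level)
    too_old = as_of - row.last_updated > timedelta(days=max_age_days)
    return too_many_changes or too_old


def quote(identifier: str) -> str:
    """Bracket-quote a T-SQL identifier, doubling any closing bracket inside it."""
    return "[" + identifier.replace("]", "]]") + "]"


def update_syntax(row: StatRow) -> str:
    """The statement that refreshes one statistic with a full scan."""
    return f"UPDATE STATISTICS {quote(row.schema)}.{quote(row.table)} {quote(row.stat)} WITH FULLSCAN;"


def plan_updates(rows: List[StatRow] = SAMPLE_ROWS, compat_level: int = 120,
                 as_of: datetime = AS_OF, max_age_days: int = 30) -> List[str]:
    """Return the UPDATE STATISTICS statements for every stale statistic, in input order."""
    return [update_syntax(r) for r in rows if is_stale(r, compat_level, as_of, max_age_days)]


if __name__ == "__main__":
    for level in (120, 130):
        print(f"-- compatibility level {level}")
        for statement in plan_updates(compat_level=level):
            print(statement)
```

The sample shows why the article's warning matters: under the older rule the million-row Orders table needs 200,500 modifications before auto-update fires, so 40,000 changed rows leave query plans built on stale estimates and nothing is generated for it; the newer rule, or a scheduled job driven by a generator like this one, catches it at 31,622 changes.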
4. THE APT (ADVANCED PERSISTENT THREATS) IN A NUTSHELL
by Sameera de Alwis
The APT is one of the most pressing questions in today's digital world. An APT routinely has unconventional attack capabilities, which does not always mean highly technical ones; rather, it is well planned, systematic and sometimes executed as a hybrid of techniques, with the care of a top-secret covert operation. Beyond that, the persistent attacks aim to maintain informed and uninterrupted access to information and to the networked systems that hold it.
5. Introduction to Mobile Forensics
by Dr. Fabio Masa, UFED Physical Pro and AccessData Certified Examiner, CEH, CHFI
The process of producing forensic evidence is divided into five main phases: seizure, identification, acquisition, examination and analysis. Once the data is extracted from a device, different methods of analysis are used depending on the underlying case. Because each investigation is distinct, it is not possible to define a single procedure for all cases.
6. AUTOMATING SECURITY DETECTION AND RESPONSE: HOW DO YOU COMPARE TO YOUR PEERS?
by Todd Weller, VP Corporate Development, Hexis Cyber Solutions
A plethora of data breaches in the past several years confirms that organizations across all industries are losing the battle against advanced threats. Most of these incidents are made worse by security teams' lack of visibility across the network: the longer it takes to discover a breach, the deeper the malware infiltrates the environment and the more damage it causes. In addition to the lack of visibility, security teams face challenges with their existing technology; preventive legacy solutions such as anti-virus and firewalls are no match for sophisticated adversaries. Organizations must therefore invest in cybersecurity tools that not only provide continuous monitoring but can also automatically detect, verify and remove threats. While many organizations are uncomfortable with fully automating security and workflow processes, the benefits of deploying this kind of technology outweigh the associated risk.
7. Hacking Journalists
by Bob Monroe
There was a time when a reporter was called a hack. The term referred to the ability to hack away on a typewriter and produce a story on a short deadline. Somewhere in the 1950s, MIT's Tech Model Railroad Club adopted the term for a clever use of technology. Railroads helped build the world and spread commerce across the globe, and this was a proud term, a name for an action you could be pleased to have been associated with. Then, somewhere along the way, the name hack became attached to criminal internet activity. Today, a hacker is someone to be put in jail just for being called that nasty name.
8. Review of "SECURITY PROGRAM AND POLICIES" by SARI STERN GREENE
by Bob Monroe
9. Review of "NETWORK DEFENSE AND COUNTERMEASURES: PRINCIPLES AND PRACTICES 2ND EDITION" by CHUCK EASTTOM
by Bob Monroe