| | | Junior Member Registered Member
Join Date: Mar 2006
Posts: 17
Certifications: A+,Net+,Security+,GCIH, C|EH | Forensic I am currently obtaining my Comp Info Sys degree with a Forensic track. I was wondering what are some good forensic certifications to obtain. Any help will be great. |
| | | Senior Member
Join Date: Mar 2007
Posts: 12,182
| http://www.eccouncil.org/chfi.htm is the only one that comes to mind, but there might be others.
Edit: I got one out of three... weak 
__________________ ''=~('(?{'.('[-@.^~'^'+_)@*^').'"'.('@.&@-@@<@~$@^~.@^_'^')@@/^)%[%^@/*^@%*}').',$/})') |
| | | Certification Consultant Forum Admin
Join Date: Jul 2003 Location: Surf City USA
Posts: 6,430
Certifications: CISSP, SSCP, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec (CNSS 4011, 4013) | |
| | | ping 127.0.0.1
Join Date: Feb 2007 Location: Pittsburgh, PA
Posts: 1,843
Certifications: CCNA, CCNA:S, CNSS 4011, MCP, A+, N+, L+ | Quote: |
Originally Posted by dynamik http://www.eccouncil.org/chfi.htm is the only one that comes to mind, but there might be others.
Edit: I got one out of three... weak  | dynamik you're slipping...get on it!!
__________________
WIP: Masters of Infosec & CCNP
|
| | | Senior Member
Join Date: Jan 2007 Location: ::1F03:0307
Posts: 220
Certifications: CPT, OSCP, CNDA / C|EH, CHFI, SGFE, SGFA | Re: Forensic Quote: |
Originally Posted by kmornot I am currently obtaining my Comp Info Sys degree with a Forensic track. I was wondering what are some good forensic certifications to obtain. Any help will be great. | CCE to be taken seriously http://www.certified-computer-examiner.com/
CHFI - I won't comment much since I'm now a guest "moderator/speaker/online class flunky" from time to time on EC-Council's online courses... Good for incident response! Court of law? CCE... Working @ say the FBI, NSA, Fortune 100 investigative team... CCE all the way
I'm in the Digital Forensics Association now, and they're sort of figuring out a way to sort out the posers from those in the know. The procedures, processes, etc., are being laid out now. It's difficult putting things like this together because most work and the time involved with it can be overwhelming. The vast majority of "heavyweights" in the field are keeping an eye open and getting together for DFA which is kind of cool - until polit(r)ic(k)s take over. If you're serious about forensic though: CCE. If you'd like to join DFA you could ask Suzanne Widup. I'll let you track her information down
__________________
"Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius
|
| | | Junior Member Registered Member
Join Date: Mar 2006
Posts: 17
Certifications: A+,Net+,Security+,GCIH, C|EH | Thank you for the great information everyone. |
| | | Junior Member Registered Member
Join Date: Mar 2006
Posts: 17
Certifications: A+,Net+,Security+,GCIH, C|EH | Also, how about the EnCase cert, is that any good? |
| | | Senior Member
Join Date: Jan 2007 Location: ::1F03:0307
Posts: 220
Certifications: CPT, OSCP, CNDA / C|EH, CHFI, SGFE, SGFA | Quote: |
Originally Posted by kmornot Also, how about the EnCase cert, is that any good? | Yes, no, yes, no, yes, no... Let's change this for a second... So you set out to learn mechanics - how to fix an engine in any car correct? Would you sign up at a school that only taught you how to fix say Acura engines?
The problem with vendor specific certifications is just that - they're vendor specific. So you're an EnCE... You know how to use EnCase. So what. There is more to forensics than running a program. There is a lot involved with filesystems, memory, cache, copying, retention of data, metadata. Forensics is not and should not be a "should I get vendor X's cert?"
Semi detailed information about forensic certifications... http://certification.about.com/cs/se...pforensics.htm
I have EnCase, Stealth Suite, Helix, TCT, FTK, F.I.R.E., Helix and a couple of others... Personally I prefer to use Helix and intuition. I like Foundstone's toolkit, but I prefer good old-fashioned file carving a-la *nix: Foremost + Scalpel + dd
So ask yourself this question... You invest time and money to learn this only to get interviewed and you're asked on the spot to dissect and analyze something without EnCase... Then what? What steps would you take? See to me, it's all about versatility, a theme I will iterate over and over. Can you do it with say no tools at all? I can and have. Self-taught AFTER the forensics fact. I learned a long time ago to get to know the base of it all, everything else comes easy. Which is why many people nowadays seemed puzzled I have no choice/preference in operating systems: E.g.: "What's your favorite distro!@" ... Are you kidding? I don't have one. I'm in a terminal 90% of the time and anyone who knows me can tell you this...
Because I've been around the block, I've tried to teach myself alternative ways of doing things. Hence me never studying PERL only programming in it when it's beneficial to me. I can do the same in awk, sed, ruby, perl, python... It all depends on my mood. My choice of not settling was because I needed to know an alternative if say I was on a system with no access to perl, etc.... sed + awk would almost always be there...
E.g.: They all do the same thing:
ruby -pe 'next unless $_ =~ /something/' filename
grep something filename
awk '/something/' filename
perl -nle 'print if /something/' filename
However on different systems say one running a database, I might use ruby which might be faster for me... In another instance I might be forced to use say awk or sed or grep because I can't install ruby or perl... The end result is the same for me...
So learn the core of it all, don't rely on point and click too much. The rest comes easy and you're not trapped in a one vendor world. My two cents
__________________
"Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius
|
| | | Junior Member Registered Member
Join Date: Mar 2006
Posts: 17
Certifications: A+,Net+,Security+,GCIH, C|EH | Awesome response thanks so much |