IT Security/Operational/Forensics

This lesson covers forensics procedures.

Objectives and Skills

Objectives and skills for the forensics procedures portion of Security+ certification include:[1]

Given a scenario, implement basic forensic procedures.
  • Order of volatility
  • Capture system image
  • Network traffic and logs
  • Capture video
  • Record time offset
  • Take hashes
  • Screenshots
  • Witnesses
  • Track man hours and expense
  • Chain of custody
  • Big Data analysis

Multimedia

  1. Watch YouTube: Order of Volatility - CompTIA Security+ SY0-401: 2.4.
  2. Watch YouTube: Capturing System Images - CompTIA Security+ SY0-401: 2.4.
  3. Watch YouTube: Capturing Network Traffic and Logs - CompTIA Security+ SY0-401: 2.4.
  4. Watch YouTube: Capturing Video - CompTIA Security+ SY0-401: 2.4.
  5. Watch YouTube: Recording Time Offsets - CompTIA Security+ SY0-401: 2.4.
  6. Watch YouTube: Taking Hashes - CompTIA Security+ SY0-401: 2.4.
  7. Watch YouTube: Taking Screenshots - CompTIA Security+ SY0-401: 2.4.
  8. Watch YouTube: Interviewing Witnesses - CompTIA Security+ SY0-401: 2.4.
  9. Watch YouTube: Tracking Man-Hours and Expenses - CompTIA Security+ SY0-401: 2.4.
  10. Watch YouTube: Chain of Custody - CompTIA Security+ SY0-401: 2.4.
  11. Watch YouTube: Big Data Analysis - CompTIA Security+ SY0-401: 2.4.

References

This article is issued from Wikiversity, version of Sunday, December 13, 2015. The text is available under the Creative Commons Attribution/Share Alike license, but additional terms may apply to the media files.