lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 11 Nov 2008 10:49:08 -0500
From: "Castigliola, Angelo" <ACastigliola@...M.COM>
To: <full-disclosure@...ts.grok.org.uk>, "Anders B Jansson" <hdw@...listi.se>
Subject: Re: [Cross Post] [Job Interview Guidance
	Request]Computer Forensics Officer

Aaron,

 

As Ivan pointed out, I think that knowing the basics principals and
security fundamentals is all you can do. In the field of data forensics
I would recommend having or at least knowing about particular
certifications. EnCase (
http://www.guidancesoftware.com/training/index.aspx ) is the industry
leader in data forensics where techniques and evidence collection have
been recognized by courts worldwide. Data forensics is such a new
market, general IT security is just now being taken seriously, there are
not a ton of established world recognized organizations with published
standards. It just has not matured yet. So I don't think any reasonable
employer would expect you to be an expert in all that is data forensics.

 

I think knowing the regulatory laws regarding data would be your best
place to start. In America you should know about the Sarbanes-Oxley Act,
in particular complying with section 404. Health Insurance Portability
and Accountability Act, FERC/NERC, FFIEC & CLBA, and ITIL. Some
international standards are ISO 17799, EU Directive, and UK Data
Protection.

 

Good Luck.

 

P.S. full-disclosure please ignore n3td3v.       

 

Angelo Castigliola III
EISRM - Application Security Architecture

Unum

acastigliola@...m.com

________________________________

From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Ivan .
Sent: Tuesday, November 11, 2008 6:45 AM
To: Anders B Jansson
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] [Cross Post] [Job Interview Guidance
Request]Computer Forensics Officer

 

People, ever thought it may be an entry level position? 

Best advice is to know you your stuff, and in the event you don't know
something, know where to look and how to find it. Look at it this way,
its problem solving. 

eg, Someone at your work is accused of surfing p0rn. What will you do to
gather evidence that may be admissible in court, in the event of the
employee being terminated and a wrongful dismissal case brought. 

Scenario questions are more than likely

cheers
Ivan

On Tue, Nov 11, 2008 at 9:53 PM, Anders B Jansson <hdw@...listi.se>
wrote:

Because if he doesn't know the industry he shouldn't seek, nor get, that
kind of job.

n3td3v wrote:
> You sound like you know the industry, so why don't you give him some
tips?
>
> On Tue, Nov 11, 2008 at 8:28 AM, James Matthews <nytrokiss@...il.com>
wrote:
>> If you know the industry then you will be able to answer the
questions.

>>
>> On Tue, Nov 11, 2008 at 9:58 AM, Aaron S. <cryptreaper@...il.com>
wrote:
>>> Hi,
>>>
>>> I have an interview with a government agency for the post of
Computer
>>> Forensics Officer. Has anybody had experience interviewing for a
>>> similar position? I would highly appereciate if anybody could give
me
>>> an idea about what to expect in the interview.
>>>
>>> I have read through the forensic wiki and electronic evidence
>>> information center sites and other resources on the Internet. I just
>>> need some idea of what to expect in the interview.
>>>
>>> Thanks in advance.
>>>
>>> Aaron.
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>

>> --
>> http://www.goldwatches.com/
>>
>> http://www.jewelerslounge.com/

>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



--
// hdw


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ