(Dark Reading) Cyber forensics has become a hot topic in security — and a critical skill that many enterprises would like to hire. But exactly what skills and experience does a security pro need to become a forensics expert?
The first set of skills is knowledge of IT technology and its relationship to the collection of security data and digital evidence. For example:
• From the boot sequence to process handling and resource allocations, you must understand the many elements of operating systems and how each OS influences the existence of digital evidence.
• Beneath the OS, you must be able to differentiate the underlying file systems — how and where digital evidence is structured, stored, and accessed.
• Behind these logical components, you must have a solid knowledge of how physical hardware — or storage media — determines how digital evidence is stored and distributed
These aspects of forensics are also useful in other security-related pursuits, such as e-discovery or incident response, making them foundational skills that are essential to every cyber forensic professional. Depending on where you practice and the technologies in your environment, you may also need other technical skills and knowledge, such as cryptography or network communications…read full article