±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 36317
New Yesterday: 0 Visitors: 138

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Another n00b, another questions ;-)

Discussion of computer forensics employment and career issues.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2 

Senior Member

Re: Another n00b, another questions ;-)

Post Posted: Dec 30, 06 23:15

Incident response is often a system admin function in response to a system compromise. The goals include quick restoral of server/workstation functionality; investigation of compromise vector so all other business nodes can be patched; determination if the compromise was internal or external. Skills needed: OS and application specific, computer security, business objectives.

CF is traditionally intended to investigate a system with the ultimate intent of testifying in court. Preservation of evidence, chain of custody and admisability of evidence are essential goals. Skills needed forensic techniques; law; data recovery.

Others will also be able to suggest additional differences.


Re: Another n00b, another questions ;-)

Post Posted: Dec 30, 06 23:19

ddow, very good explanation. Thanks.  

Page 2 of 2
Page Previous  1, 2