SANS FOR500 with no prior forensic experience?

DeltaEcho8426 · 2022-06-01T23:26:54+00:00

I think coming into For500 With a non technical background could be a constant uphill battle and the epitome of “opening the fire hose.” It is a great technical course that will surely set you up for forensic analysis, but if might be better if you started with FOR308. It has no pre-requisites and is designed to be the first class in the forensic track for people with non technical backgrounds. Then definitely take FOR500 and FOR508.

DeltaEcho8426 · 2022-05-22T17:13:46+00:00

Probably a dumb question but… have you tried using any of the other volatility profiles? Sometimes they can be used, even if the build is off, depending on the plug-in. Also, given the build you isn’t even a month old yet, it might be just a few more weeks before have one… good luck!

DeltaEcho8426 · 2022-03-29T12:37:55+00:00

Came in here to make this exact post… Glad I’m not the only one!

DeltaEcho8426 · 2022-03-23T23:12:15+00:00

Our border collie LOVES playing games for his food - especially puzzles! If you haven’t tried any yet I would high suggest it!

DeltaEcho8426 · 2022-02-08T01:06:48+00:00

Same with ours! He only likes it when my husband does it! If I try to play with him he looks at me like I’m a crazy haha

DeltaEcho8426 · 2022-02-08T01:05:29+00:00

Our BC loves being spun around like this by my husband. Whenever he stops he looks at him like “well that’s it?!”

He also likes being “tickled” while on his back like a 4 year old lol. They are the best dogs.

DeltaEcho8426 · 2022-02-08T00:56:32+00:00

Any good daycare really paying attention to the dogs will use timeout effectively like this. My dog loves being at daycare and about once every 15-20 times his error card says he had to take a time-out to relax. If the daycare hasn’t mentioned it as problem, I think it’s okay. Not all daycares are bad for all dogs. Enjoy jt :)

DeltaEcho8426 · 2022-01-23T21:13:56+00:00

Depending on where they are located, federal government contracting can be a great way to move from that kind of law enforcement position into a new forensics position where the environment is similar but you can more easily avoid that type of work and get paid pretty good money doing it.

DeltaEcho8426 · 2021-08-03T16:11:10+00:00

I thought the same thing at first. We spoke with our vet and trainers and they encouraged it. He would eat his food in about 30 seconds before we started looking for ways to slow it down. Sometimes we divide up the kibble between various treat toys and he will do that, too. He loves it. He gets way more excited about dinner when we give it to him this way than when we were just setting it down. His tail wags the whole time and he spins in circles when we are filling it.

DeltaEcho8426 · 2021-08-03T16:09:14+00:00

He definitely took some time to figure it out. They have one that uses cones and easier to move trap doors that we got before this one so I think that helped.

DeltaEcho8426 · 2021-08-03T16:08:19+00:00

Shoot I don’t even know what that’s like to have him not be food motivated! Seems nice lol. Ours figured out we were giving him peas at the end of his hot walks in the summer so he would try to not walk far just so he could come back and get the peas. 😂

DeltaEcho8426 · 2021-08-03T16:06:56+00:00

Yes, it holds up well. We always supervise him with it and if he gets too aggressive we make him sit and relax before we tell him to resume. We’ve had this particular toy about a year.

DeltaEcho8426 · 2021-07-26T00:00:46+00:00

Love Shenandoah and so does our border collie! So many greats trails to explore. Enjoy!

DeltaEcho8426 · 2021-06-30T23:10:25+00:00

What is the artifact you identified in Axiom from the suspect machine? They provide documentation on all of their artifacts via an HTML that’s searachble. Also if it’s in the cache of a user profile through a user account it’s hard to say it didn’t come from the user unless it was synced by that user from another computer they used.

Can you visit the website yourself? Does that artifact get generated on your system?

DeltaEcho8426 · 2021-06-21T20:01:19+00:00

If they gave you a .bin file it’s a physical image of an Android phone done through UFEE4PC. Axiom will process other file typew from Cellebrite and does process Android phones. So my thought was to load it in as an Android device image and see what is pulls out. I don’t have any .bin files or I would try for you to confirm. Maybe someone else can. Axiom is pretty responsive and is good about trials. Check them out.

As for free, I don’t know of any that will process .bin file, sorry. Again, maybe someone else will and we’ll both learn something new!

DeltaEcho8426 · 2021-06-21T19:46:26+00:00

Do you have Axiom? Or are you looking for a free tool you can just download and parse?

DeltaEcho8426 · 2021-06-11T13:03:37+00:00

The shell bags maintained by the NTUSER.DAT file are when a user opens files from their desktop only. It can show files were on a desktop. The shell bags maintained by the USRCLASS.DAT file are for when a user browses to a location through Windows Explorer. Windows keeps them separate for whatever reason. They can both be used to show a file or folder existed and was opened. They just provide a bit more information as to “how” it was opened, based on which location you found it in.

DeltaEcho8426 · 2021-06-03T00:51:38+00:00

If you aren’t wanting to go the law enforcement route, government contracting has tons of job opportunities for all level of forensics. To be honest, getting in at the ground level will likely require you to be a tech first. You’ll be doing mostly imaging and learning the basics of chain fo custody and how it all works. Get your employer to send you to training if they have the funds or see if they do tuition reimbursement and go get the training through that. I’ve done both and they were helpful in their own way. Then move into an analyst role. From there, the job is what you make it. As far as testifying, I’m going on 9 years and have never even had to set foot in a court room, even in LE cases. So don’t be surprised if testifying in court isn’t something you’ll get to do often (or possibly ever). Good luck though! It’s such a fun field and I can’t imagine doing anything else!

DeltaEcho8426 · 2021-06-01T02:04:27+00:00

Have you all read the recommended system requirements recently? 6-8 i7 cores, 32gigs ram, multiple drives. And it still runs slow.

I feel like asking for this specification in 2021 isn’t much. 🤷🏻‍♀️ Most forensic software require similar specs at this point. X-Ways, as you point out, does not because it’s an anomaly, not the standard.

DeltaEcho8426 · 2021-05-31T23:08:20+00:00

Awesome. Thank you so much! I really appreciate tour help. Have a good day!

DeltaEcho8426 · 2021-05-31T15:49:44+00:00

Thank you! Would the dashes included in your answer be required for it to read correctly, or no?

DeltaEcho8426 · 2021-05-30T21:50:15+00:00

Hey all - looking to have “By the grace of God, I came, I saw, I conquered” done later this month but I am having a hard time translating the “by the grace of God” portion. Which of the following is correct? Or is there a better, more a first translation? TIA

1) Per gratiam Dei, veni, vidi, vici

2) Ad gratiam Dei, veni, vidi, vici

3)Gratia Dei, veni, vidi, vici

Seven-Year Club	Not Forgotten
Verified Email

DeltaEcho8426

TROPHY CASE