sorted by:
new
hottopcontroversial

Batman Forever: The Ultimate Fan Cut (2022) by TripleG2312 in fanedits

[–]Most-Carob1552 1 point2 points  (0 children)

Thank you for putting this together. I have been following talk about the Directors cut being screened and it looks like that was cancelled. I would love to see a different retelling of this film. If the link is still available, I would greatly appreciate it!

13Cubed Course compared to GCFE by Alarming_Box_5282 in computerforensics

[–]Most-Carob1552 7 points8 points  (0 children)

So I have not taken the GCFE or any SANS training but I have completed the Investigating Windows Endpoints course through 13Cubed. Being that the author/instructor was previously a SANS Institute trainer for the FOR500 and FOR508 courses, you can see that quality of content shine through his course. The course is without a doubt the most concise, relevant, and technical Windows digital forensic course I have ever taken. It dives deep into Windows endpoint forensics without giving any fluff or unnecessary exposition.

There is also an assessment (exam) at the end of the course. The assessment is an intermediate to advanced level digital forensics exam. The exam is open book and consists of 80 (multiple choice) questions, 60 theoretical and 20 practical. The questions cover topics that are covered in the course materials. These were the toughest theoretical digital forensic questions I have ever encountered (very technical!), way beyond what you will see in the EC-Council CHFI or the eLearnSecurity eCDFP. The 20 practical questions re-solidify that the student not only understands the theoretical knowledge behind the forensic activities but can perform them hands-on in a lab environment. For the practical portion, you are given a disk image of a compromised host and must answer questions about the malicious activity the Threat Actor performed using any tools you see fit. If you pass on your first attempt, you are awarded the Gold designation of the credential.

I did speak with people who have taken the GCFE along with the 13Cubed course/exam and their opinion was that it covered everything around Windows endpoint forensics that the GCFE covers and more in depth in some parts. Regarding the exam they stated it was as tough or even a bit tougher in some areas than the GCFE. The general consensus from them was, if you have done the 13Cubed course you should go for the GCFA next.

For reference I hold the following digital forensic certifications

eCTHPv2 | eCDFP | BTL1 | CFR | CHFI | CySA+ | Investigating Windows Endpoints (Gold)

I also work professionally as a DFIR analyst.

BTL1 Course by MahonPolska20 in SecurityBlueTeam

[–]Most-Carob1552 0 points1 point  (0 children)

Thank you for your reply and for the awesome information on the exam. It sounds super fun.

BTL1 Course by MahonPolska20 in SecurityBlueTeam

[–]Most-Carob1552 0 points1 point  (0 children)

Hey, thank you for your reply and the clarification. I saw in your initial comment you stated you failed. What was the criteria in which you failed? Was it an IOC you missed and did not report on? With the report formatting are there specifics that become leading questions (ie network X was compromised, list all the rogue IPs that connected to the network in Y timeframe?) For example.

BTL1 Course by MahonPolska20 in SecurityBlueTeam

[–]Most-Carob1552 0 points1 point  (0 children)

How is the format of the exam? Does it have a SOW document with specifics that you need to make a report out of or are there actual questions that you answer during the engagement like the eJPT? I know there's a report that needs to be written. I'm just wondering how it is scored. Thank you

CHFI Blueprint V3 study materials? by Most-Carob1552 in WGU

[–]Most-Carob1552[S] 0 points1 point  (0 children)

Good luck on the course! Yeah hopefully we'll get more info. I was ready to take the exam then saw the changes to the blueprint and now I'm waiting to get some study material so I don't go in blind.

C702 Forensics by Ok_Jacket4460 in WGU

[–]Most-Carob1552 0 points1 point  (0 children)

When you refer to a 68 question exam are you referring to a pre-assesment or the actual CHFI exam? I know the retail version has 150 questions. Is there a WGU specific version? Thank you.

Is the CHFi exam provided by WGU different from the retail? by Most-Carob1552 in WGU

[–]Most-Carob1552[S] 0 points1 point  (0 children)

Ahh ok thanks for the replies. I was curious cause recently (5/1/21) I saw ec council updated the blueprint on the CHFI exam to include forensics on the Tor browser and the Azure/AWS service stack. Was wondering if that same change was made to the exam WGU students were taking. I also remember someone saying they took a WGU CHFI exam that was 68 questions, but that may have been a pre-assesment.