This paper is the practical assignment required to obtain the GIAC Certified Forensic Analyst (GCFA) security certification (version 2.0 - Option 1). It consists of the investigation and forensic analysis of a piece of evidence, a USB flash drive, collected during the incident response phase of a case involving personal harassment in CC Terminals. The investigation focuses on obtaining a clear picture of the incident based on the analysis of the evidence gathered, establishing how it might have been used by the suspect. To ensure the success of the forensic process, four basic principles were followed: attempt to minimize data loss, record everything, analyze all the data collected, and report the findings effectively. The methodology followed, the tools and procedures used, and the conclusions obtained have been included in this paper as accurately as possible. The report also covers legal issues related to the laws in my home country, Spain. The forensic analysis has been performed mainly with open-source tools, because they are free and work well from a forensic perspective [1].
Raul Siles is the founder of DinoSec, where he performs advanced cybersecurity analysis services, security research, and technical training. For 20+ years, he has applied his expertise, innovating offensive and defensive solutions for organisations worldwide.