Tuesday, September 1, 2009

Value of EnCE Certification

The value of computer certifications in general is debatable. For many certifications it is possible to simply study a book, maybe purchase some Transcenders, take the exam and call yourself "certified." I know several people who have brought "certified" individuals in for interviews and sat them down in front of the relevant operating system or piece of equipment, only to find that this person has no idea how to log on or how to power on the equipment.

Guidance Software has nullified this concern with the EnCase Certified Examiner (EnCE) certification. While you could theoretically pass the written portion of the exam by studying a book such as The Official EnCase Certified Examiner Study Guide by Steve Bunting and William Wei, the practical portion of the exam requires at least a moderate amount of experience with computer forensic analysis.

Even for the experienced examiner there are portions of the exam that can prove challenging. In some cases the challenge is derived from the fact that the certification candidate has not performed a particular analysis technique before. In other instances the challenge is in bringing seldom-used analysis techniques to the forefront of one's mind.

Regardless of how the certification candidate is challenged, one thing holds true: Guidance Software has built the EnCE exam to test and reinforce the tenets of computer forensic analysis.

I read a post in a computer forensics forum recently in which the poster was asking about computer forensics certifications. The post is several years old but still relevant and somewhat humorous. The individual was looking for information about the EnCE certification. He claimed to be looking for a certification that would help him increase his salary and enhance his ability "to get girls" and wondered whether the EnCE was his ticket.

In terms of the EnCE's ability to help him increase his salary, I'd say it depends on the employer. Some employers value the commitment that it takes to obtain a certification and will reward the individual appropriately, whether by salary increase or perhaps a bonus. Other employers will view a certification as something that is just "nice to have" and let you go on your merry way.

In my opinion, certification (and the EnCE in particular) is a way to validate your skills. Computer forensics is a niche skill and while there may be a number of people out there who say they have used EnCase or "done forensics" before, there are not a tremendous number of people who have validated their skills by becoming certified. My advice to the previously mentioned prospective certification candidate is that the EnCE certification will make you stand out from the rest of the application pool being received by potential employers.

Sure, there is always that guy who has no education beyond high school and no technical certifications but is an absolute genius when it comes to things IT. Unless you know this guy and have worked with him though, when it comes to the interview he's just a guy who has some computer experience. If you go into the same interview with some experience and the EnCE, you win (in my opinion) because you have the experience and the certification to validate that experience.

I was married prior to obtaining the EnCE so I can't really opine on whether or not said certification enhances one's ability "to get girls." If I were a betting man, which I am, I'd say no. A technical certification may have worked to his advantage in the mid-Nineties but these days most certifications are so dime-a-dozen that girls just aren't impressed anymore.

Computer Forensics

When you hear of computer forensics, the first thing that pops to mind might be a Crime Scene Investigator, pulling the plastic sheet off of a computer and inspecting for signs of a struggle. Nobody really ever talked about forensics in daily life until they started making those scientifically accurate prime time cop shows, so of course, simple word association generally leads us to forensic sciences being "Something cops do, right?"

Incidentally, the science behind computer forensics really isn't much different from the science behind crime scene forensics. In both instances, the forensics team or expert is looking for a trail of evidence. In either case, the investigator looks at what has happened, determines how it happened, and from that, deduces who might be responsible.

The major difference between the two is that, while an investigator on the scene of a robbery or a violent crime is looking for physical evidence, the computer forensics investigator is looking for digital evidence.

Interestingly, where physical evidence can often be misleading, confusing, ambiguous, and difficult to put together without the help of witness statements, digital evidence tends to present itself in a much more direct manner.

A computer keeps logs of pretty much everything that has been done with it. For example, besides your browser history, there's also your temporary internet folder, where information from the web is stored on your computer. So, say an employee is watching YouTube all day when they're supposed to be working. Even if they're smart enough to clear the browser history, the temporary internet files may still hold the evidence that will earn them a warning.

That's only a very simple example, of course. Computer forensics addresses everything from computer crime to employee misconduct, to such mundane tasks as figuring out why your virus scanner isn't working.

The point is that everything you do on a computer leaves a mark. Deleting a file from your hard drive is not the same thing as deleting all the evidence that it was ever there. Just as every room in your house holds some DNA evidence, be it a hair, saliva, or a toenail clipping, no matter how well you vacuum and shampoo your carpets, there will be some evidence that this is your home. The same goes for computers. You can't do anything on a computer without a computer expert being able to figure out exactly what you've been up to.

One issue that many find confusing with regard to computer forensics ... how legal is it, really?

This depends on the context. Here's all you need to know if you're considering hiring a computer forensics team, but aren't sure if you can:

If you suspect an employee of breaking company policy or even breaking the law with a computer that belongs to the company, you do have the right to take a look at the computer they've been working on any time you like.

It gets a little trickier when an employee is working on their own computer, but this isn't a dead end. Luckily, you don't always have to look at their computer to find evidence of what they've done on it. In any case, go ahead and call your forensics people, and they should be able to advise you on how far you can go to gather the evidence you need in order to take action.

Really, computer forensics is simply the art of finding a trail of evidence on computers, simple as that. You never know when you'll need such services, so it's a good idea to keep them in mind in case you ever do.

Computer Network

Wireless networks fall into multiple categories, depending on the size of the physical area that the network can cover.

The following types of wireless network meet the needs of multiple users:

* Wireless Personal-Area Network (PAN).

* Wireless Local-Area Network (LAN).

* Wireless Metropolitan-Area Network (MAN).

* Wireless Wide-Area Network (WAN).

These terms extend the ones used for wired networks (such as LAN or WAN), which were in use for years before wireless networking arrived.

Each type of wireless network has complementary advantages that meet different requirements. The following paragraphs explore each type of wireless network in a concise manner.

Wireless networks (PANs):

Wireless PANs cover a relatively short range (up to 50 feet) and are most effective at meeting the needs of a small room or cargo area. PANs deliver an average data rate of up to 2 Mbps. These advantages make them suitable for replacing cables in many cases.

A wireless PAN covers, for example, a person synchronizing a PDA with a laptop or personal computer. Similarly, a wireless PAN can provide a radio connection to a printer. Doing away with tangled wires is very useful with this type of equipment, and the initial installation is easy.

Wireless networks (LANs):

Wireless LANs provide high performance within and around office buildings, labs, and homes. Users in these areas often have laptops, personal computers, and PDAs with the screens and processors to support large applications. Wireless LANs meet the communication requirements of these types of computers effectively.

For example, at work a wireless LAN can be installed to provide mobile access to common applications from laptops. With this type of system, a user who is away from his office can take advantage of network services from conference rooms and other rooms. That allows staff to be more effective while working away from their offices and more cooperative with each other.

Wireless LANs provide performance levels that let applications operate smoothly. For example, wireless LAN users can easily view large e-mail attachments or video from a server, with data rates up to 54 Mbps. A wireless LAN serves only network applications within the limits of a house or office.

Wireless networks (MANs):

A wireless MAN covers an area the size of a city.

Wireless Service Providers (WISPs) provide wireless networks in cities and remote areas in order to give homes and firms wireless communications. Wireless MANs offer real benefits and are appropriate when it is impractical to install traditional wired communications such as DSL and cable modem. Wireless MANs are effective when obtaining a path for cable systems is not possible or too expensive.

Wireless networks (WANs):

Wireless WANs, known for mobile wireless applications, cover a large area, such as a state or continent. For economic reasons, an operator is able to carry out a remote deployment of the operational infrastructure of a wireless WAN in order to provide relatively inexpensive long-distance communication for a lot of consumers. The costs of such a deployment can be distributed across multiple users, which keeps subscription fees low.

Virtualize Servers Today

How do you accelerate virtualization for your enterprise - and take IT flexibility and cost savings to the next level? WAN optimization is a class of technology that has rapidly been adopted across enterprises in order to address the challenges of bandwidth limitations and latency over the WAN. In this paper, we examine the trends toward server consolidation and virtualization, and how WAN optimization can help IT organizations like yours solve the key challenges of application performance and information availability within these environments.

Virtualization and infrastructure consolidation can offer significant benefits for both IT and business operations. The combination of WAN optimization solutions along with virtualization offers CIOs the unique opportunity to strategically enable their IT operations, and improve service delivery while saving costs at the same time. IT managers would be well served to consider both technologies as key components of the IT infrastructure going forward.

From data center to desktop, Microsoft Virtualization delivers. At Microsoft, virtualization means helping IT departments maximize cost savings and improve business continuity. Our solutions address both physical and virtual infrastructure, and can be easily managed through a single console.

A Familiar Platform
Microsoft virtualization solutions are based on familiar Windows interfaces and work with well-known Windows-based technologies. And because the solutions are Windows-based, they are supported by a broad network of experienced partners who can rapidly respond to your business needs.

Savings and Value
With Hyper-V in Windows Server and System Center, virtualizing your enterprise with Microsoft can cost less than competitive products and help you maximize the return on your virtualization investment.

Seamless Physical and Virtual Management
Microsoft virtualization technologies enable you to optimize your assets, centrally managing all of your physical and virtual resources across multiple hypervisors down to the application level.

Fight Against Computer Crime

Computer technology has attracted its fair share of criminal activities from those looking to exploit and capitalise on people's reliance on the computer to run their daily lives. After all, author Jolly John singled Singapore out for being 'the most network-ready country', signifying both our dependence on new-age technology and the capabilities of the talent we have. However, there are dire consequences to be dealt with should the intentions of those with the ability to manipulate the systems deviate to malice.

In its efforts to safeguard against computer crime, the Singapore Government has set up various measures through a multi-pronged approach. The first step is to pass new legislation so that governing laws keep up with the fast-changing developments of technology and the opportunities for misdemeanour they present. Singapore passed the Computer Misuse Act in 1993, which has since been amended four times.

The Computer Misuse Act punishes perpetrators of computer crime, rather than cyber crime. Computer crime refers to crimes against a computer through acts that attack a computer system. The Act covers unauthorised access to a computer, or computer material without authorisation, modifying the contents of a computer without authorisation, obtaining or intercepting any computer service or function, interfering with or obstructing the lawful use of a computer, impeding or preventing access to or impairing the usefulness or effectiveness of any computer program or data, or disclosing a password, access code, or other means of gaining access to a program or data. To take just the first example, any person who uses a computer to secure access to another computer without authorization shall be guilty of an offence.

On the other hand, the existing Penal Code governs cyber crime, which is traditional crime like fraud, theft or extortion abetted through the computer. As opposed to carrying out crime against a computer, perpetrators carry out their illegal acts through the computer.

Through the Computer Misuse Act, the law punishes and deters computer criminals by meting out harsh penalties including imprisonment and fines. Crimes targeting the bedrock of our nation's critical industries like banking and finance, communications or transportation and public services warrant the harshest punishment - a fine up to $100,000 and/or imprisonment up to 20 years. It is also noteworthy that a Court can order compensation to be paid by the offender for any damage that is caused, and such a compensation order does not prevent or restrict a civil claim for damages which exceed the compensation amount.

The next step it has taken is to set up agencies that ensure the enforcement of these laws. These specialised agencies include the Singapore Computer Emergency Response Team, Computer Crimes Branch of the Criminal Investigation Department (CID) and Computer Forensics Branch of the Singapore Police.

Operated by professionally-trained tech experts, they can exercise their power with extra-territorial jurisdiction. They are trained in all aspects of computer investigation, one of which is the emerging field of computer forensics. This intricate process of investigation enables the retrieval of consequential data from computers, computer networks, data storage media and related equipment that may contain evidence which can be presented in court. They first analyse the data and meticulously document and preserve the evidence to be presented before court. This operation requires highly trained professionals as it involves delicate procedures where a single wrong move can destroy or modify the evidence.

If one suspects a breach but doesn't want to bring it directly to the authorities, there is the option of approaching private forensic investigators like Adroit Data Recovery Centre (ADRC). Due to the increase in violations of the Computer Misuse Act, ADRC has set up a forensic investigation department to deal with the influx of such investigative requests.

With more than 10 years of experience in the data recovery market, ADRC is well equipped with certified computer forensic experts who are capable of securing and documenting digital evidence with a full audit trail suitable for court submission and performing data recovery under all adverse situations. They also have their own Class 100 clean laboratory. Because evidence does not have to be moved around, this minimizes the risk of evidence being contaminated.

Computer users should also adopt preventive measures to safeguard their computers against computer crime, which is a very real threat that has the potential to be even more damaging given our reliance on computers these days.

Adroit Data Recovery Centre (ADRC) Pte Ltd is South East Asia's leading data recovery centre equipped with the first Class 100 clean laboratory in Singapore. It has an unparalleled capability and the setup to acquire and collect digital evidence from all kinds of working or damaged media while observing the strictest process of computer forensic investigation.

Data Forensics

Data forensics is one of the sub-branches of computer forensics. It is essential for establishing legal evidence found in computers and their storage media. Its primary goal is to give a clear explanation of a digital artifact's state. Digital artifacts include storage devices, computer systems or electronic documents.

Data forensics is employed for a couple of reasons. It is a significant portion of data recovery for either hardware or software failures. It also helps analyze how an attacker was able to break in to a system. It is also important for gathering information about an employee that a certain organization wants to terminate. Alongside all these reasons, different steps are followed in the database forensics process.

There are several steps involved in the entire forensics process. These are as follows:

• Preparation of the investigator. An investigator must have an ample background in the subject matter. He should be trained enough to know the facets of the process. He validates all data needed by the courts based on generated reports. Since there are many tools to choose from, the investigator should determine the appropriate tool to be applied for the case.

• Collection of data. The data are gathered in the form of digital evidence. Data forensics makes use of tools such as computers, hard drives, CD-ROMs and even cellular phones or digital cameras. The data should be carefully handled to ensure that no changes are made. Documentation and the use of reliable tools will help secure the collected data for forensics use.

• Examination. There are two ways by which data are examined. Traditionally, dead data analysis is employed. This is a method where investigations are performed on hard drives or any data at rest. Currently, live data analysis is also used. This is helpful when the attacker does not make use of the computer's hard drive. This is also important if the person makes use of cryptographic storage devices where data intervention may no longer be seen once the computer shuts off.

Once the data are gathered and examined, the data forensics investigator may report the incident to management or to whoever needs the data. Following these steps requires careful scrutiny of the scenario. This will ensure that all legal actions will be imposed on the attacker. In like manner, it will help dictate the punishment to be given to the offender.
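The collection step asks that no changes be made to the data and that handling be documented. The following is an added example, not part of the original article, of one way to check both: hash the acquired image at every hand-off and keep a custody log in which each entry is chained to the previous one. The image file, actor names and the hash-chained log format are constructed for illustration and are not prescribed by the article.

```python
import hashlib, json, os, tempfile
from datetime import datetime, timezone

def sha256_file(path, chunk_size=1 << 20):
    """Hash an evidence image in chunks so large files need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def entry_digest(entry):
    """Digest of a custody entry, excluding its own stored hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def add_entry(log, actor, action, image_path):
    """Record who did what, the image hash at that moment, and a link to the prior entry."""
    entry = {
        "time": datetime.now(timezone.utc).isoformat(),
        "actor": actor,
        "action": action,
        "image_sha256": sha256_file(image_path),
        "prev_hash": log[-1]["entry_hash"] if log else "0" * 64,
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry

def verify_log(log):
    """Return a list of problems: edited entries, broken links, or a changed image."""
    problems, prev = [], "0" * 64
    for i, e in enumerate(log):
        if e["prev_hash"] != prev:
            problems.append(f"entry {i}: chain link broken")
        if entry_digest(e) != e["entry_hash"]:
            problems.append(f"entry {i}: log entry was edited")
        if e["image_sha256"] != log[0]["image_sha256"]:
            problems.append(f"entry {i}: image differs from acquisition hash")
        prev = e["entry_hash"]
    return problems

def demo():
    """Constructed scenario: clean hand-off, then a stray write, then a log edit."""
    with tempfile.TemporaryDirectory() as d:
        image = os.path.join(d, "evidence.img")  # constructed sample image
        with open(image, "wb") as f:
            f.write(b"CONSTRUCTED SAMPLE DISK IMAGE" * 1000)
        log = []
        add_entry(log, "investigator A", "acquired", image)
        add_entry(log, "investigator B", "received for examination", image)
        clean = verify_log(log)
        with open(image, "r+b") as f:  # simulate an accidental write to the image
            f.seek(100)
            f.write(b"X")
        add_entry(log, "investigator B", "examination started", image)
        after_write = verify_log(log)
        log[0]["actor"] = "someone else"  # simulate editing the documentation
        after_edit = verify_log(log)
        return clean, after_write, after_edit

if __name__ == "__main__":
    for result in demo():
        print(result)
```

In practice the examiner works on a verified copy and the original stays write-protected; the log only makes a change detectable, it does not prevent one.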