This paper focuses on Know Evil to Find Evil. Above is a link to an article where an ethical hacker describes the investigative process for an intrusion investigation. This brings up the idea that one must know evil to find evil.
Know Evil to Find Evil- investigative process for an intrusion investigation
Here’s the instruction:
Above is a link to an article where an ethical hacker describes the investigative process for an intrusion investigation.
This brings up the idea that one must know evil to find evil. During this course I have talked about how a forensic analyst would benefit from having knowledge of the crimes they are investigating. As an ethical hacker, one must know how to exploit a system. Be aware of all the artifacts left behind, and know how to create the desired result.
The argument could be made that someone who is an ethical hacker would be a better forensic analyst when investigating intrusion incidents.
Firstly, how would you use this model in relation to the types of investigations you are interested in?
Secondly, if you were interest ed in healthcare fraud, would becoming an expert in healthcare programs make you a better fraud investigator?
Thirdly, if you were interest ed in financial fraud, would becoming an accountant make you a better fraud investigator?
Fourthly, Reply to this discussion with some possible paths to help you know the evil you want to find.
Also, these paths could be in academia, real-world work experience, hobbies, or other certifications.
Additionally, please provide some context to your path, a list of courses or jobs will not be sufficient.
Provide an explanation of how you determined that your path is relevant to the evil you want to find.
Intrusion investigation is an exciting and dynamic process that requires strong technical skills and effective case management, often requiring a team of digital investigators and forensic examiners. In practice it sometimes seems like controlled chaos, particularly when an intruder is still active on the victim systems. Digital investigators have a better chance of navigating the challenges and complexities of intrusion investigations if they follow the scientific method and scope assessment cycle. In addition, the success of this type of investigation depends heavily on having a mechanism to keep track of the investigative and forensic subtasks.