[CCCure CISSP] Android forensic Windows tools

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[CCCure CISSP] Android forensic Windows tools

Doug Spindler
Any one know of free or demo forensic tools for Android?  Also looking for good documentation.

Thanks

Sent from my Sprint phone.

----- Reply message -----
From: "Clement Dupuis" <[hidden email]>
To: "The CISSP Study Mailing list" <[hidden email]>
Subject: [CCCure CISSP] Cissp books questions
Date: Tue, Oct 22, 2013 12:32

Good day Abid,

The controls are not presented very well in many of the book.

Controls matches with Administrative, Technical, and Physical policies and approach.

You mention that CCTV is mostly for detection, I do not believe it is true.   Most people are recording events in real time but only very few company will have someone monitoring the output or intrusion detection built within their CCTV system.  It is mostly used to investigate after the fact.

CCTV/Video Cameras are a TECHNICAL control that are used mostly as a DETECTIVE mechanism after the fact.  The CCTV is compensating, if someone was able to breach your perimeter or even get into your building, then the intruder might be picked up be the CCTV even thou your fence or door lock failed.  This is how it can be compensating.

Having Video Cameras visible act as a DETERRENT.    If an intruder sees that a building is well lit at night with dozens of cameras, the intruder may not attempt to break in.

There is a huge TECHNICAL side to proper monitoring with CCTV.  You need cabling, you need power, you need recording devices with storage, you need bandwidth, you need to configure the software threshold, you need to configure the network parameters if they are IP cameras, etc... etc...  

Usually such control would have some policies or procedures on the administrative side, then you would have your actual hardware and software on the technical side, you would have the physical components as well.   CCTV are definitively supplementing your physical and environmental security.

Best regards

Clement





Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Tue, Oct 22, 2013 at 3:19 PM, abid James <[hidden email]> wrote:






Thank you the reply. i agree with you that controls can be fit into different categories. However, without giving the scenairo how can you categorize.
Let me explain CCTV as the official guide 2 ver it is put under compensating control, Generally, If you ask anyone why we use
CCTV camera i would say for detection. If the intruder sees the camera than it can be deterrent .
As per the official guide it says CCTV is a technical and compensating - could any one explain
i understand for the scenairo after doing the cost benefit analysis the cost of the security guard is more we can use CCTV . However i don't understand how it can be a technical control type.

Regards
Sameer


Date: Tue, 22 Oct 2013 11:44:55 -0700
From: [hidden email]
To: [hidden email]
Subject: Re: [CCCure CISSP] Cissp books questions


Remember that controls can fit under different categories depending their implementation. A camera for example, can be used to detect intruders or to act as a deterrent.

In regards to books I think the more the merrier. I find Harris' book overly verbose, plus it always helps to have a different point of view in case something is not clear. I would add Conrad's book.


On Tuesday, October 22, 2013 1:27 PM, abid James <[hidden email]> wrote:
Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent  policy

Preventative  User registration  procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer




_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] Android forensic Windows tools

Jason Brooks
did any one answer this request for you?


On Tue, Oct 22, 2013 at 4:36 PM, [hidden email] <[hidden email]> wrote:
Any one know of free or demo forensic tools for Android?  Also looking for good documentation.

Thanks

Sent from my Sprint phone.

----- Reply message -----
From: "Clement Dupuis" <[hidden email]>
To: "The CISSP Study Mailing list" <[hidden email]>
Subject: [CCCure CISSP] Cissp books questions
Date: Tue, Oct 22, 2013 12:32

Good day Abid,

The controls are not presented very well in many of the book.

Controls matches with Administrative, Technical, and Physical policies and approach.

You mention that CCTV is mostly for detection, I do not believe it is true.   Most people are recording events in real time but only very few company will have someone monitoring the output or intrusion detection built within their CCTV system.  It is mostly used to investigate after the fact.

CCTV/Video Cameras are a TECHNICAL control that are used mostly as a DETECTIVE mechanism after the fact.  The CCTV is compensating, if someone was able to breach your perimeter or even get into your building, then the intruder might be picked up be the CCTV even thou your fence or door lock failed.  This is how it can be compensating.

Having Video Cameras visible act as a DETERRENT.    If an intruder sees that a building is well lit at night with dozens of cameras, the intruder may not attempt to break in.

There is a huge TECHNICAL side to proper monitoring with CCTV.  You need cabling, you need power, you need recording devices with storage, you need bandwidth, you need to configure the software threshold, you need to configure the network parameters if they are IP cameras, etc... etc...  

Usually such control would have some policies or procedures on the administrative side, then you would have your actual hardware and software on the technical side, you would have the physical components as well.   CCTV are definitively supplementing your physical and environmental security.

Best regards

Clement





Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +<a href="tel:703%20535%208600" value="+17035358600" target="_blank">703 535 8600
Mobile: <a href="tel:%2B1%20407%20433%206444" value="+14074336444" target="_blank">+1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Tue, Oct 22, 2013 at 3:19 PM, abid James <[hidden email]> wrote:






Thank you the reply. i agree with you that controls can be fit into different categories. However, without giving the scenairo how can you categorize.
Let me explain CCTV as the official guide 2 ver it is put under compensating control, Generally, If you ask anyone why we use
CCTV camera i would say for detection. If the intruder sees the camera than it can be deterrent .
As per the official guide it says CCTV is a technical and compensating - could any one explain
i understand for the scenairo after doing the cost benefit analysis the cost of the security guard is more we can use CCTV . However i don't understand how it can be a technical control type.

Regards
Sameer


Date: Tue, 22 Oct 2013 11:44:55 -0700
From: [hidden email]
To: [hidden email]
Subject: Re: [CCCure CISSP] Cissp books questions


Remember that controls can fit under different categories depending their implementation. A camera for example, can be used to detect intruders or to act as a deterrent.

In regards to books I think the more the merrier. I find Harris' book overly verbose, plus it always helps to have a different point of view in case something is not clear. I would add Conrad's book.


On Tuesday, October 22, 2013 1:27 PM, abid James <[hidden email]> wrote:
Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent  policy

Preventative  User registration  procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer




_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] Android forensic Windows tools

Doug Spindler

Nope

 

 

From: CISSPstudy [mailto:[hidden email]] On Behalf Of Jason Brooks
Sent: Friday, November 15, 2013 1:05 PM
To: The CISSP Study Mailing list
Subject: Re: [CCCure CISSP] Android forensic Windows tools

 

did any one answer this request for you?

 

On Tue, Oct 22, 2013 at 4:36 PM, [hidden email] <[hidden email]> wrote:

Any one know of free or demo forensic tools for Android?  Also looking for good documentation.

 

Thanks

 

Sent from my Sprint phone.

 

----- Reply message -----
From: "Clement Dupuis" <[hidden email]>
To: "The CISSP Study Mailing list" <[hidden email]>
Subject: [CCCure CISSP] Cissp books questions
Date: Tue, Oct 22, 2013 12:32

 

Good day Abid,

The controls are not presented very well in many of the book.

Controls matches with Administrative, Technical, and Physical policies and approach.

You mention that CCTV is mostly for detection, I do not believe it is true.   Most people are recording events in real time but only very few company will have someone monitoring the output or intrusion detection built within their CCTV system.  It is mostly used to investigate after the fact.

CCTV/Video Cameras are a TECHNICAL control that are used mostly as a DETECTIVE mechanism after the fact.  The CCTV is compensating, if someone was able to breach your perimeter or even get into your building, then the intruder might be picked up be the CCTV even thou your fence or door lock failed.  This is how it can be compensating.

Having Video Cameras visible act as a DETERRENT.    If an intruder sees that a building is well lit at night with dozens of cameras, the intruder may not attempt to break in.

There is a huge TECHNICAL side to proper monitoring with CCTV.  You need cabling, you need power, you need recording devices with storage, you need bandwidth, you need to configure the software threshold, you need to configure the network parameters if they are IP cameras, etc... etc...  

Usually such control would have some policies or procedures on the administrative side, then you would have your actual hardware and software on the technical side, you would have the physical components as well.   CCTV are definitively supplementing your physical and environmental security.

Best regards

Clement

 


Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +<a href="tel:703%20535%208600" target="_blank">703 535 8600
Mobile: <a href="tel:%2B1%20407%20433%206444" target="_blank">+1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------

 

On Tue, Oct 22, 2013 at 3:19 PM, abid James <[hidden email]> wrote:

Thank you the reply. i agree with you that controls can be fit into different categories. However, without giving the scenairo how can you categorize.
Let me explain CCTV as the official guide 2 ver it is put under compensating control, Generally, If you ask anyone why we use
CCTV camera i would say for detection. If the intruder sees the camera than it can be deterrent .
As per the official guide it says CCTV is a technical and compensating - could any one explain
i understand for the scenairo after doing the cost benefit analysis the cost of the security guard is more we can use CCTV . However i don't understand how it can be a technical control type.

Regards
Sameer


Date: Tue, 22 Oct 2013 11:44:55 -0700
From: [hidden email]
To: [hidden email]
Subject: Re: [CCCure CISSP] Cissp books questions

 

Remember that controls can fit under different categories depending their implementation. A camera for example, can be used to detect intruders or to act as a deterrent.

 

In regards to books I think the more the merrier. I find Harris' book overly verbose, plus it always helps to have a different point of view in case something is not clear. I would add Conrad's book.

 

On Tuesday, October 22, 2013 1:27 PM, abid James <[hidden email]> wrote:

Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent  policy

Preventative  User registration  procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

 


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

 


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org