Having fun while learning about and pivoting into the world of DFIR.
by ogmini
Continuation from Part 7 looking back at my coursework in the Master’s Degree in Digital Forensic Science. In this post, I’ll be talking about DFS-560 Digital Forensics Encryption.
I found this class rather boring. I’ve dealt with implementing and working with encryption in my professional life. There were discussions on password complexity, full disk encryption, different types of encyption, certificates, password management, and password encryption.
The labs highlighted the how one might try to defeat encryption. I felt they were unrealistic and a little behind the times. You really aren’t going to be breaking TLS encrypted traffic after the fact without having something setup beforehand. Two of the labs involved examining captured network traffic. There was one rather funny lab that involved a photo of a post-it note with some text on it. Which of course ended up being the password written backwards that the suspect used to encrypt a file. I guess people still do write down their passwords.
Still, the discussions with the rest of the students was very enjoyable.