Forensics

So how good is your IT Security Administration? Below some of the list that is intended as a guide to the various areas that need to be reviewed to conduct a complete assessment of security administration.

• Organization and policies
• Procedures and post orders
• Personnel selection
• Staffing and background checks
• Education and awareness
• Contract management

Each aspect of this assessment is equally important to providing the client with a complete picture of the operation. You should understand that the assessment process is intended to document the current status of the security program for the client

Live View is a Java-based graphical forensics tool that creates a VMware virtual machine out of a raw (dd-style) disk image or physical disk. This allows the forensic examiner to "boot up" the image or disk and gain an interactive, user-level perspective of the environment, all without modifying the underlying image or disk. Because all changes made to the disk are written to a separate file, the examiner can instantly revert all of his or her changes back to the original pristine state of the disk. The end result is that one need not create extra "throw away" copies of the disk or image to create the virtual machine.

Live View is capable of booting
* Full disk raw images
* Bootable partition raw images