00:52:30 Anna Edwards: Hi from Adelaide (I'm terrible at Netball so you

you're not missing out!)

00:52:30 elizabeth waller: hi from Melbourne, looking forward to the course
00:52:32 SHAMRAZ T: Hello everyone
00:52:34 Brent: Hi from Sydney
00:52:36 Jerry Paul Acosta: aloha gikan Cebu Philippines!
00:52:36 Miguel Aguilar: Hi from México
00:52:37 felicityjane: Hi Sunshine Coast in Queensland Australia
00:52:37 Anna Edwards: Hi Daniel, Saffe here in Adelaide
00:52:40 Gerard Ravasco: hi fromCambodia
00:52:43 RachelC: Hi from South Africa
00:52:43 Jeremy Appleby: Hi Everyone, Jeremy from Melbourne here :)
00:52:44 Anoop Sud Stanhope Gardens Sydney: Good Evening
00:52:44 Ripon Basak: Hi, from Sydney
00:52:45 Amrith Shetty: Hi from Melbourne
00:52:45 D@v0: No Dino :(
00:52:52 Eason Mai: Hi All from Sydney, rain been lasting for a whole week
00:52:54 Mariecris Oconroy: Hi all from Philippines
00:52:55 Twisha Sevak: Hello - Sydney, NSW
00:52:57 Leanne M: Hello from Geelong
00:52:58 SHAMRAZ T: Hi from India
00:52:59 Keith Newman: Hi From lake Macquarie
00:53:02 Andrew Haines: Hi from Perth
00:53:02 SC: Hi from Auckland
00:53:05 RAD: greetings comrades. I am from socialist republic of melbourne
00:53:06 Craig McDonald: Hi from Bayside SE Melbourne
00:53:12 Jon Moyses: Another one from Melbourne, welcome
00:53:12 Kelli Guldbransen: Good evening from North Qld
00:53:17 Nwabisa Mabuto: Hello from Johannesburg South Africa
00:53:19 Trudy Cadman: Hi from the UK
00:53:19 Anton: Hi from Melbourne
00:53:27 Faith Moyo: Hi from Zambia
00:53:38 Elena S: Hello from Lake Macquarie
00:53:39 Jitesh Sharma: Hello from Sydney
00:53:42 Andrew Magwaro: hie from Brisbane
00:53:44 Zahid Noor: Hi all I am from Rome, Italy
00:53:55 pdini: Hi, From Vanuatu
00:53:58 Henry Osei: Hi, from Ghana west Africa
00:54:09 Matthew THOMAS: Time Travel is cool
00:54:12 Deepak: Hello from Melbourne
00:54:14 Jarrad H: Great, I was just about to ask about the recording as I
wont be able to make every Tuesday night, Cheers
00:54:33 IAdeyemi: Hi from Nigeria
00:54:38 Ravi Zinzuwadia: hello from Sydney student of Tafe NSW
00:54:44 George Kiio: Hello
00:55:01 Bernadet: Hi from Perth
00:55:10 Chris: G'day from Melb all
00:55:19 Victor C.: Hello
00:55:31 Sherwin Xavier: Hi All,Good Morning from Dublin, Ireland
00:55:42 kayalatage: Hi everyone, I am from Bayside in Melbourne
00:55:44 Abhijeet Mukherjee: Hello from flooded Penrith, Sydney
00:55:49 Tina: Hi from Brisbane :)
00:55:53 Heather G: hello from Budapest, Hungary!
00:56:03 Vincent: hi all , from ELDORET, Kenya
00:56:04 John Hughes: Hi from Sunshine Coast QLD Australia
00:56:05 Dragon: Matt doesn't get paid for this he 'volunteers'?? Nice man
00:56:08 Elena S: Matt is great, more than happy for him to go overtime
00:56:09 Colleen Crisp: Hi from Logan Qld
00:56:14 Kinan S.: Can we please reduce the messages as it is distracting?
thanks
00:56:14 Simon Hulme: Hi all from Brisbane!
00:56:17 Jonathan Phiri: Hi All. Jonathan from Lusaka.
00:56:27 Mike: Matt is an awesome lecturer
00:56:30 HP PC: HI from Ethiopia
00:56:30 Ashley: Hi from Serbia
00:56:31 Ahmed Al-abdulrazzak: Hi All, Hope ur safe
00:56:40 Dawid: Hi All, Dawid from NZ
00:56:43 Kanika Behl: Hi everyone from Melbourne!
00:56:43 Manpreet Chahal: Hi Studying Grad Cert in Cyber Security from CSU
00:56:45 Paul: Hi from Western McGowanolia...
00:56:46 Naved Anjum: Hi Everyone, Naved from India !
00:56:59 Anthony Oliver: Hi everyone from Melbourne, Australia
00:57:01 Amrith Shetty: McGowanolia ?
00:57:04 Kshitija Jadhav: Hi, everyone.
00:57:07 Amrith Shetty: Where is that?
00:57:14 Daniel: Hi all Daniel from Lusaka
00:57:16 Irene: @hannah - I'm having some issues resetting password for the
portal
00:57:23 Tayali: Hi All, from Johannesburg, South Africa
00:57:25 Amine Sbai: this course falls within my cloud course, will it be ok for
me to watch the recording later?
00:57:29 Peter Stott: Hello Everyone, Peter from Brisbane
00:57:30 Hannah Clarke: Send me an email Irene -
[email protected]
00:57:31 Paul: Sorry Amrith, in-joke.. western australia
00:57:36 Gagan: Hi All ..Gagan from India
00:57:38 Amrith Shetty: lol
00:57:43 1EFbxjZOf1k: Hello from a very, very, very wet Dorrigo - NSW Mid
North Coast - Australia
00:57:44 Hannah Clarke: Watching recordings are fine
00:57:45 Ash: Hi Everyone
00:58:05 Irene: @hannah - thanks, already done
00:58:07 Stanley Enemanna: HI All, Stanley from Nigeria
00:58:12 Hannah Clarke: 202145 term starts 24th May
00:58:13 Tahir Siddique: what about those who are already students with CSU
00:59:00 Attendee: Hi from KFC
00:59:22 Andre_Q: Heavens no seems harsh lol - already done a full course
with you guys :)
00:59:23 Amrith Shetty: Probably chat a bit later maybe
00:59:28 Majd Achji: No cameras?
00:59:28 Manpreet Chahal: love IT masters content
00:59:32 Elena S: We need another option for that last poll for those who are
already studying in CSU/masters
00:59:51 Elinor Blom: can you send the link for the online portal in the
chat please?
01:00:03 Brenden: Oh are these just going to be voices and slides?
01:00:04 Hannah Clarke: https://learn.itmasters.edu.au/course/view.php?
id=3816
01:00:16 Elinor Blom: thanks!!
01:00:19 Hannah Clarke:
http://www.csu.edu.au/handbook/handbook21/subjects/ITC597.html
01:00:34 Irene: I may be interested later... but for now am happy with
short course. I did an intensive 6 months last of 2020!
01:00:35 Hannah Clarke:
http://www.csu.edu.au/handbook/handbook21/subjects/ITE513.html
01:00:42 OJ: Hi All, I am Omer
01:00:44 D@v0: Arif is awesome
01:00:50 mark: The courses are great!! Best Masters I’ve completed
01:01:41 [email protected]: are u going to give us certificates for
this short course? all participants??🤔
01:01:52 Bilal Gondal: hi omar nice to meet you
01:02:01 Hannah Clarke: There is a certificate of achievement if you receive
a grade of 50% or more in the final exam
01:02:17 Alfred NTAGANDA: I cant here anything
01:02:18 Hannah Clarke: Remember to set your chat to ‘All panelists and
attendees’ if you’d like to join the conversation.
01:02:24 Alfred NTAGANDA: hear*
01:03:11 Towheed: will these slides be shared after the class?
01:03:17 Kye: Sound is working on my end, the audio settings should be in the
bottom left of the zoom window
01:03:18 Hannah Clarke: Maybe check your settings Alfred - no complaints on
this side
01:03:22 Liz: Alfred, check your audio settings in the bottom left hand corner
01:03:29 Hannah Clarke: Slides are up now on the course page
01:03:34 scott: @alfred Bottom left corner, click Audio Settings and check
that
01:03:36 [email protected]: when will be exam?are u taking exam in
this course?
01:03:45 Max Lian: My Zoom refused to let me join computer audio, despite all
audio tests working. I've had to dial in
01:03:47 Sebastian Gonzalez: finish PhD yet?
01:04:00 Towheed: Thank you Hannah
01:04:06 Alfred NTAGANDA: Thank i can hear now
01:04:08 Bilal Gondal: @hannah can we get subtitles ?
01:04:21 Hannah Clarke: Exam will open week of the 12th April
01:04:28 RAD: how's the phd going?
01:04:31 Jarrad H: Hi Hannah, can I ask where the recordings will be posted? I
have young kids here and they unfortunately are going to pull me away throughout
01:04:50 Hannah Clarke: On the course page Jarrad -
https://learn.itmasters.edu.au/course/view.php?id=3816
01:04:51 Simon Hulme: What is your PHD in?
01:04:55 Darwin De Guzman: Will the slides be shared
01:04:57 Jarrad H: Thank you
01:05:13 Hannah Clarke: If you need to enrol to access the course page you
can do so here - https://itmasters.edu.au/free-short-course-digital-forensics-
updated/
01:05:21 dee75: @Jarrad H - I'm in the same boat
01:05:35 [email protected]: are u going to inform us
01:05:46 [email protected]: about exam?
01:05:48 Craig McDonald: and Kali Linux
01:06:03 Trent: Not kali for digital forensics
01:06:14 Trent: Sift
01:06:42 Hannah Clarke: We will talk more about the exam in week 4
01:06:53 Darwin De Guzman: Hi Hannah will the slides be shared?
01:06:54 [email protected]: its online? do we have to register for
exam separately?
01:07:15 Bilal Gondal: when the next class will be?
01:07:21 Hannah Clarke: It’s entirely online on the course page posted above
- you don’t have to register seperately
01:07:57 [email protected]: ok thank u!
01:08:11 D@v0: Check out Sift Workstation rather than Kali
01:10:16 [email protected]: we can take exam anytime right?? or we
need to attend all sessions??
01:10:25 Max: do we get access to these slides or just the recording
01:10:38 Adam Carey: I'm in IT so I don't have to do mathematics!!
01:10:49 Hannah Clarke: The exam will cover content from each 4 weeks and
you’ll need to pass the weekly quizzes to access the exam
01:10:58 Hamilton Dwight Walker: Mathematics is very useful in computer science.
01:11:02 Hannah Clarke: The slides are currently uploaded onto the course
page - https://learn.itmasters.edu.au/course/view.php?id=3816
01:11:11 Andre B: Dial up mode
01:11:14 Brenden: The extent of my forensics experience is using
LastActivityView from NirSoft
01:11:14 Andre B: modem
01:11:15 Hamilton Dwight Walker: Whole computer runs on mathematics.
01:11:17 Taylor Thurley: Computers are mathematics
01:11:29 Dinesh: I still have Windows XP
01:11:32 Adam Carey: exactly, the computers do it so I don't have to ;)
01:11:40 Jon Moyses: Let's just get back to DOS...
01:11:43 Ntomi: windows 98 :)
01:11:46 Victor C.: big calculator programmed to do things
01:11:52 Craig McDonald: I would love to do that
01:12:05 Kinan S.: is xp still in use? we are decom'ing win7 now moving
forward to win10 baseline
01:12:13 Sreedhar Narayanaswamy: DOS6.0
01:12:17 Aaron: I know places still running Server 2000
01:12:19 Dave A: I've seen XP in use, particularly retailers
01:12:19 Marty Hyland: win 95 still in use around the world
01:12:24 Sergio: I use it
01:12:27 Attendee: I seen XP on ATM
01:12:30 OJ: Do criminal still use old OS to commit crimes?
01:12:32 Ntomi: u can no longer hack xp
01:12:40 Sreedhar Narayanaswamy: Windows for workgroup.
01:12:42 Trent: Yes winxp is still in use... Legacy applications especially
in governments
01:12:47 Darek: I believe most ATMs are Windows XP
01:12:51 Kinan S.: gees..this is a lot of vulnerabilities that caused a lot of
hacking
01:12:52 Erin: Sadly in education environments XP can be... super expensive
hardware that is prohibitive to replace just for upgraded connectivity
01:13:17 Ishmael: I've seen government still using VB6
01:13:28 Kinan S.: even 2008 servers are vulnerable now
01:13:42 [email protected]: nice lecture flow ...brilliant
explaination slides..are u going to send us slides ? and recording?
01:13:43 Sergio: everything is vulnerable
01:13:44 Jon Moyses: I teach the elderly and disadvantaged... I still see XP and
7...
01:13:46 Aaron: Nah, they're end of life. Hackers don't care about 2008
anymore ;)
01:13:48 Kinan S.: whatever MS doesn't support for patching then forget it
01:14:00 Kinan S.: but if you have it then bingo
01:14:09 Craig McDonald: I thought a lot use FreeBSD
01:14:11 Hannah Clarke: Vijaya, the slides are on the course page and the
recording will be uploaded tomorrow
01:14:15 Marty Hyland: all servers are "vulnerable" just not actively
exploited and patched
01:14:18 Amrith Shetty:
https://twitter.com/j_mesney/status/1222175279751233537?ref_src=twsrc%5Etfw
%7Ctwcamp%5Etweetembed%7Ctwterm%5E1222175279751233537%7Ctwgr%5E%7Ctwcon
%5Es1_c10&ref_url=https%3A%2F%2Fround-lake.dustinice.workers.dev%3A443%2Fhttps%2Ftheconversation.com%2Fairports-atms-hospitals-
microsoft-windows-xp-leak-would-be-less-of-an-issue-if-so-many-didnt-use-it-147018
01:14:19 Ishmael: hackers will target it if they know enough people use it
01:14:35 Gerard Ravasco: there might probably more people who knows to hack
rather than us trying to find out and investigate the hack.....
01:14:37 Swapnil D: Hi Everyone, I am Swapnil Dalvi from Ireland, I look
forawrd
01:14:41 Kinan S.: OMG
01:14:48 Konstantinos Argyropoulos: whatever is plugged to internet is an
attack surface for malicious actors.
01:15:04 Al: Phones just keep getting bigger storage...
01:15:06 Amrith Shetty: Lot of aiports still using xp
01:15:06 Swapnil D: Hi Everyone, I am Swapnil Dalvi from Ireland, I look
forward to studying with you all.
01:15:12 Helen Burgess: also other countries are not upto date. I know that
certain asian countries may still be running older versions of windows
01:15:17 Kinan S.: not at sydney airport
01:15:24 Jeremy Appleby: Old versions of OS are in use across many different
sectors, as they may be needed to support critical applications, that can’t easily
be update/upgraded/replaced.
01:15:36 Ishmael: Australian government is still very out of date in some
things
01:15:42 JianAnLim: I think older Windows still around especially for easier to
be pirated at time
01:15:43 Dinesh: XP is so outdated, even the hacking tools aren't compatible
with it anymore.
01:16:00 Kinan S.: maybe MS and pirates have a deal..lol
01:16:02 JianAnLim: XP embedded still around
01:16:04 Jerry Paul Acosta: China pwned all Microsoft softwares… lolz!
01:16:14 [email protected]: take questions at last please...let
lecture go flawless...nice he is explaining
01:16:14 Trent: Sleuthkit and autopsy!
01:16:19 Miguel Aguilar: Caine???
01:16:26 D@v0: Don't the tools need to meet industry standards?
01:16:28 Peter: I do data recovery - i got even a lot of XP jobs...
01:16:28 Marty Hyland: I know my workplace is still using some Win 7
machines although rare there still used unfortunately
01:16:31 Max: yeah caine is good
01:16:32 Al: Does anyone still use EnCase?
01:16:41 Gerard Ravasco: tools are getting smarter, and so are the kids, but
we adults really need to adapt.... we might not be getting smarter...
01:16:51 Peter: a ton of machining run still XP boxes to get controlled
01:16:55 David Clarke: NT4 SP6 :-)
01:16:56 Max: anyone- I bet many do
01:16:56 Christine: I still have a win 7 machine. It has its uses
01:16:59 Ishmael: about 60% are still on win7 where i work
01:17:08 Aaron: NT4, Best OS
01:17:09 Jerry Paul Acosta: any thoughts on Veriato tool?
01:17:11 Trent: I believe so, in my field I don't need to worry about chain
of custody
01:17:16 Ishmael: i have heard of it being used where i am but i don't know
why or how
01:17:30 Peter: I like OS Forensics … price is great and it can do all I
need till now
01:17:37 Peter: EnCase is to pricy for me
01:17:53 Pasquale Russo: Usually it is mandatory to sign an NDA before
starting an investigation
01:18:11 Vincent: NT4, how efficient it is?
01:18:13 Peter: and OSF offers a cert. called OSFCE for there users -
helpful in come cases to proof you know that tool
01:18:25 Aaron: Can boot that bad boy on 16MB of RAM
01:18:33 Kinan S.:
https://docs.microsoft.com/en-us/lifecycle/overview/product-end-of-support-
overview
01:18:37 Amrith Shetty: Slab of vb :)
01:18:48 Aaron: Pretty sure Windows 10 addresses memory in no less than 1GB
blocks
01:18:48 Tony: In other words, don't be a politician :p
01:21:06 mark: Know what happens under the bonnet!
01:21:42 Ishmael: what if the person installing the software doesn't know
what they are doing?
01:22:35 Max Lian: For HR/legal investigations, I give the full data set
requested by the legal team to them - and let the lawyers/HR people decide if it's
actionable
01:23:03 Aminu Sabo Abdullahi: Hi everyone, A.Sabo from Nigeria
01:23:26 Kinan S.: It is exactly like what happened with the ABC and other
media orgnaisations that got raided by the Feds.
01:23:39 Kinan S.: Court order
01:24:00 Jeffrey Phuah: Chain of Custody...like an audit trail?
01:24:31 George Kiio: .E01 files
01:24:34 Jeffrey Phuah: Chain of Custody...like an audit trail?
01:24:43 Craig McDonald: I have heard of things like acid thrown on hard
drives in order to destroy data
01:24:54 Gerard Ravasco: like paper trail, chronological sequence
01:24:59 Anton: Under which legal protocol in Australia will it falls,
other laws I knows are the Law of Delict and the Law of Torts
01:25:02 Al: or L01, not always time to make a full physical
01:25:23 Craig McDonald: Always work on the backup
01:25:44 Sebastian Gonzalez: Gotta watch out for those giant magnets too,
like in Breaking bad
01:26:31 Kshitija Jadhav: Prevention is better than precaution.so its better to
work on image.
01:26:51 George Kiio: I got messed up on my last forensics as the disk was
fully encrypted. Validated the hash. Yet you cant load and view files.
01:26:53 Hamilton Dwight Walker: MD5 is one hashing algorithm
01:27:22 Dinesh: MD5 isn't secure / reliable anymore
01:27:27 Ashok Gupta: Would you require a hash value of Disk Image?
01:27:37 Abhijeet Mukherjee: Use SHA3 instead of MD5 coz it is not reliable
01:27:37 [email protected]: keep chat off until class over please
01:27:45 Al: always open your new image and check it before you leave ;)
01:27:49 David Clarke: SHA3
01:28:01 Dinesh: MD5 collision attack
01:28:23 JasperDawo: In terms of corrupt and damaged hdd's, how can we conduct
our analysis?
01:28:27 Al: MD5 not reliable???? Are worried about hash collisions???
01:28:33 Abhijeet Mukherjee: Yes
01:28:53 Manpreet Chahal: CIA
01:28:54 Marc: CiA
01:28:55 David Clarke: Compare the Hash on original to Hash on your copies
to prove they are true copies.
01:29:03 Kinan S.: the strongest hashing algorithm is SHA-256.
01:29:15 Towheed: Confidentiality, Integrity, Availability = CIA
01:29:18 Runa: yup md5 will not work well anymore with quantum computing
01:29:28 Ishmael: isn't there a SHA-512 now?
01:29:43 Abhijeet Mukherjee: Hashing's purpose to detect tampering, if I can
fudge the value then...
01:29:56 Al: I don't think anyone has seen a hash collision in the field. In
a research paper yes, in real life, no.
01:30:24 Kinan S.: would be a kiddie mistake if they had a collision
01:30:54 Abhijeet Mukherjee: Collisions in MD5 were first detected in 2012
01:31:10 Andre B: OS/2 Warp
01:31:11 Ishmael: Z/OS!!!!
01:31:11 Terai: I like you're thinking
01:31:12 Max Lian: Oh! A stew!
01:31:13 Collin Penman: OS2 - WARP
01:31:16 Jeremy Appleby: Still got a copy of OS/2 Warp...
01:31:17 Max Lian: Last time I saw that was 95
01:31:19 Craig McDonald: Love OS2, used to run Zone 3 laser games with it
01:31:21 Peter Heijkamp: yeah.. OS2 IBM OS :P
01:31:24 Dan: solaris?
01:31:25 Sreedhar Narayanaswamy: netware 6.1
01:31:25 Peter Heijkamp: Oldskool ;)
01:31:26 Al: New York Metro still uses OS2
01:31:29 Peter Heijkamp: solaris.. geez
01:31:29 Matthew THOMAS: wow OS/2 :)
01:31:31 Sebastian Gonzalez: lol
01:31:31 John Hughes: OS2 was never my favourite
01:31:32 gopal: What about mainframe and midrange OS
01:31:35 Sreedhar Narayanaswamy: silicon graphic
01:31:36 Amrith Shetty: RS2?
01:31:40 Sreedhar Narayanaswamy: SCO UNIX
01:31:42 D@v0: PC/M
01:31:52 Peter Heijkamp: AIX?
01:31:52 John Hughes: Yeah Dan, Solaris too
01:31:55 Eason Mai: CP/M?
01:31:57 Darek: let's try NetBSD on VAX
01:32:12 D@v0: fat fingers
01:32:18 Ross M. W. Bennetts: Points lost for not knowing how to pronounce
Linux.
01:34:17 D@v0: I started on a VAX VMS Mainframe
01:34:19 Emma .: are there any recommendable conferences in the field?
01:35:58 Brenden: Are there any certifications that focus on the technology
without stressing hard on the chain/bureaucracy elements?
01:36:09 Attendee: Except ATO
01:36:25 Amrith Shetty: https://www.isc2.org/
01:36:55 Peter Heijkamp: CISSP is more technical than manegerial. is an ISC
cert
01:37:07 Peter Heijkamp: CISM is more managerial
01:37:22 Peter Heijkamp: CISM is an ISACA cert to make things easy ;)
01:37:38 Gerard Ravasco: ACE AccessData
01:37:53 Peter Heijkamp: And on this topic, i think i'd look into the SANS
institute certifications
01:37:54 Konstantinos Argyropoulos: Both CISSP and CISM are prestigious
certificates!
01:38:01 Kinan S.: CSSP is more legal
01:38:28 Peter Heijkamp: https://www.sans.org/level-up/digital-forensics.html
01:39:02 Hamilton Dwight Walker: not all are lawyers here, I am not a lawyer
01:39:10 Marc: SANS courses $$$$ :)
01:39:47 Al: And $$$ for recertifications too.. ;)
01:40:03 Peter Heijkamp: yeah.. SANS cost.. but not lookin at money now.. just
sharing info ;)
01:40:20 Peter Heijkamp: decision is every one's own :)
01:40:27 Stanley Enemanna: how about
Computer Hacking Forensic Investigator | CHFI | EC-Council
01:40:38 Al: The catering on their courses is excellent.
01:40:48 Peter Heijkamp: get a free mug too? ;)
01:40:50 Marc: recert is pretty ok. you got fresh materials and 5 yrs, IIRC.
01:40:52 phil purkiss: digital creimes will also go for counter terrorism
measures in which the Criminal Code will be covered in the document as well
01:40:56 Hannah Clarke: Study the full subject in the Graduate Certificate of
Cyber Security
https://itmasters.edu.au/course/master-of-cyber-security/graduate-certificate-in-
cyber-security/
01:41:01 phil purkiss: oops Crimes
01:41:10 Brenden: Thanks guys. Guess I'll stick to Udemy courses
01:41:11 Marc: did gsec.
01:41:23 Al: T-shirt and a bag.
01:41:31 Marc: would have been good if they offer discount to old students.
01:41:33 Kinan S.: but you have to be familiar with the legal side of it to be
a digital forensic investigator
01:41:35 Amrith Shetty: Free mug ? im in
01:41:48 Kinan S.: is the gsec a replacement for cssp?
01:41:55 Hamilton Dwight Walker: I opened chat on right so it does not interrupt
the course
01:42:19 Marc: nope. different vendor in a way.
01:42:56 Andrew:
https://certification.comptia.org/docs/default-source/downloadablefiles/it-
certification-roadmap
01:43:03 Marc: IMHO CISSP is pretty heavy on theory side.
01:43:39 Marc: SANS are more hands on / tech focus.
01:43:48 Peter Heijkamp: True!
01:43:54 phil purkiss: we require that all those using IT resources are
bound to be aware of potential breaches may either lead to termination or criminal
action
01:44:07 Jerry Paul Acosta: https://allitbooks.net/search.php?
search_text=forensics
01:44:08 JasperDawo: T-shirt, bag and mug? I'm also in.
01:44:09 Kinan S.: SANS is heavy as well.
01:44:38 Dinesh: This screenshot is from windows XP
01:44:51 Craig McDonald: There is also no link to the company policy
01:44:52 Francisco Gomez: Talking about Windows XP
01:44:53 Pasquale Russo: It is a deterrent
01:47:18 Bulou Sovu: How long does this webinar go for
01:47:22 Craig McDonald: You went a bit G729 on us then
01:47:33 Dinesh: ha ha
01:47:49 Hannah Clarke: Remember to set your chat to ‘All panelists and
attendees’ if you’d like to join the conversation.
01:48:03 Fadel Al Mubarak: To be network security engineer. Is CCSP a good
choose to start?
01:48:05 Hannah Clarke: Webinar usually around an hour, sometimes a little
bit longer…I think tonight will be the little bit longer
01:48:16 Fadel Al Mubarak: To be network security engineer. Is CCSP a good
choose to start?
01:48:45 Dinesh: SSCP -> CISSP
01:48:53 Marc: CISSP you mean?
01:48:58 Sherwin Xavier: You could start with CompTIA Network+
01:49:01 Andrew: CCSP is a cloud based certification. Should start with
Cisco or something similar
01:49:03 T: CCNA would be your path
01:49:07 Craig McDonald: Not gparted?
01:49:18 jsalceda: BYOD is quite hard to mandate against specially for
education institutions that are using this model for their students
01:49:33 SAF: Is there a way to reduce the chat so random comments don't cover
the slides?
01:49:51 Fadel Al Mubarak: Thanks all for your advise
01:49:51 JuanNino: ddrescue?
01:50:03 Fadel Al Mubarak: Thanks all for your advise
01:50:07 M.Ayubi: Nice with some handons (Y)
01:50:13 Hannah Clarke: You should be able to make the chat pop-out, or you
can also stick it to the side of your meeting window so it doesn’t cover the slides
01:50:20 D@v0: OSForenics is only a trial.
01:50:31 dee75: pretty new to all this so have been searching all the
acronyms as we go
01:50:32 Jerry Paul Acosta: CompTIA CySA+ is a good jumpstart if you are in
cybersecurity role for 2years up!
01:50:32 Hamilton Dwight Walker: I am not interested all these expensive
certifications.
01:51:01 Brenden: Are we going to use Autopsy more than once? I'd prefer to
sandbox it and keep my computer clean
01:51:07 Hannah Clarke: Remember, you can always continue tonights chat in
the forum, and answer Matt’s discussion point -
https://learn.itmasters.edu.au/mod/forum/view.php?id=4180
01:51:28 George Kiio: Great,
01:51:28 RAD: good job Matt
01:51:29 Savenaca Siwatibau Waqa: Thank You Mat
01:51:34 D@v0: Insert standing ovation here
01:51:37 Jon Moyses: The autopsy tool is fun to play with... Can run the
original version without updating Java...
01:51:40 Darwin De Guzman: Thanks Matt
01:51:40 Chris K: *applauds*
01:51:41 Dave A: Hahahaha, well done. :)
01:51:41 cigboanu: nice one
01:51:41 George Kiio: I loved this
01:51:42 Dragon: standing up *golf club clap*
01:51:43 Jason: awesome...well done
01:51:43 Manpreet Chahal: great presentation Guys
01:51:45 Peter Heijkamp: *applauds*
01:51:46 Irene: Well done! Thank you Matt
01:51:46 Blair: 1 hour closer to finishing your phd
01:51:50 COMM. LOWE: Wonderful presentation
01:51:53 Cam Oliver: I'm gonna start a forensics VM, and just grab a snapshot!
01:51:53 Jeremy Appleby: Good kick off session…
01:51:54 Craig McDonald: Brendan, I'm with you. I use VirtualBox all the time
for sandbox environments
01:51:55 Anna Edwards: Thanks, this was awesome
01:52:00 Hannah Clarke: You can get to Moodle here -
https://learn.itmasters.edu.au/course/view.php?id=3816
01:52:02 Bryan: How to extract forensic data from firmware
01:52:03 dee75: Lol not asleep
01:52:04 Sebastian Gonzalez: zzz
01:52:06 Craig McDonald: Thanks Mat!!
01:52:07 Ntomi: so awake lol
01:52:07 Bulou Sovu: Thank you Matt
01:52:09 Shamraz t: how hard is.it ro move from.IT support
to.digital.forensics?
01:52:12 Ash: thank matt
01:52:14 Amrith Shetty: Awake !
01:52:19 Ntomi: thanks matt
01:52:20 Manny: Thanks Matt
01:52:21 olu: hummmmmmmm
01:52:22 Elise: Thanks Matt!
01:52:22 Hannah Clarke: If you haven’t enrolled in the course to access
Moodle you can do so here - https://itmasters.edu.au/free-short-course-digital-
forensics-updated/
01:52:24 Nwabisa Mabuto: Thank you to everyone
01:52:24 Hamilton Dwight Walker: I don't like the chat, it interrupts all the
time
01:52:26 marc: Thanks Matt
01:52:30 Andrew L: Thanks Matt
01:52:32 Richard: Thanks Matt
01:52:32 Hamilton Dwight Walker: totally distracting
01:52:39 Rupa: agree
01:52:43 DM_CJ: thank Matt
01:52:46 Liz: 2nd screen works wonders! No way I could keep up with all the
chat.
01:52:46 Twisha Sevak: agree ^
01:52:48 Chadi: You mentioned a PDF document to read as part of installing
the autopsy tool
01:52:53 Peter: Stanley Enemanna if you search for a industry standard
cert. - Mile2 lower the price for the CDFE
01:52:53 Hamilton Dwight Walker: only 1 screen
01:52:53 T: Do you guys have a VM with required tools?
01:52:54 Miguel Aguilar: Excellent thank you
01:52:54 Rupa: what is the relevant course for project managers?
01:52:55 Jon Moyses: Brilliant presentation... really enjoyed...
01:52:59 Hamilton Dwight Walker: not that rich to have 2 screens
01:53:00 Abhijeet Mukherjee: Thanks Matt
01:53:05 Hamilton Dwight Walker: 1 VGA adaptor on this PC
01:53:18 D@v0: @T yes. Windows 10 VM
01:53:22 Peter Heijkamp: i am using virtualbox for all the nice investigations
coming up
01:53:32 Liz: needed it for work with the 5 programs I need open at once...
01:53:35 James: Thank you, that was a great first class/intro.
01:53:38 Hannah Clarke: Now is a great time to pop any questions you might
have into the Q&A so they don’t get missed in the fast-paced chat
01:53:40 Hamilton Dwight Walker: I am going to use my own PC and am not scared
of stuffing it up
01:53:50 Kye: T - I personally use a specific machine as a forensic
workstation, as it's easier when you're dealing with physical devices
01:53:51 D@v0: Or a private investigator
01:53:57 Hannah Clarke: We might not get to every question before time runs
out but we’ll get to as many as we can
01:54:15 Gerard Ravasco: Linux kali with vm has gazillions of tools
01:54:49 Manpreet Chahal: start as graduate program with federal Government
01:54:53 Abhijeet Mukherjee: How can we use forensics to counter the nation
state threats?
01:55:02 Max: run a vm and use that
01:55:07 Eduardo Fraga da Silva: I can’t login to the IT Masters portal. After
registering for the course, I got an email saying I already got an id… when I
attempt to reset the password… I never receive the email with details. Any ideas
what can I do?
01:55:18 Abhijeet Mukherjee: How can we use it for preventive capability?
01:55:26 Eduardo Fraga da Silva: If it helps, I am a CSU student
01:55:32 Sottie Abraham: Please if I want to peruse a career in cybersecurity,
how best will this course help me
Abraham from Ghana
01:55:43 Hannah Clarke: Master of Cyber Studies and Investigations (run
entirely by CSU) -
https://study.csu.edu.au/courses/police-security-emergency/master-cyber-studies-
investigations
01:56:12 Hannah Clarke: Hi Eduardo, check your junk folder and if it’s not
there email [email protected]
01:56:44 Darek: Just wonder how we can pass NV1 to join, say, afp, as we
can't do it before start the job and we can't start the job without it either
01:57:03 Savenaca Siwatibau Waqa: i cant access the moodle?
01:57:11 Eduardo Fraga da Silva: It is not there. Perhaps it was not sent it
yet? I requested it about 30-40 min ago
01:57:51 Jason: any problems opening the .dd file?
01:58:11 Eduardo Fraga da Silva: Thanks Hanna, I will send the email
01:58:55 Craig McDonald: I need to go, thank you Matt and Guy for the lecture
01:58:59 Hannah Clarke: If you’re looking to access the course material and
haven’t already, you can sign up for this course here -
https://itmasters.edu.au/free-short-course-digital-forensics-updated/
01:59:13 Hannah Clarke: Matt’s "full version" of the subject is called ITC597
Digital Forensics

Study the full subject in the Graduate Certificate of Cyber Security

https://itmasters.edu.au/course/master-of-cyber-security/graduate-certificate-in-
cyber-security/
This course is available with CSP funding.
01:59:29 Jon Moyses: It is equivalent to be a Health and Safety Manager and
running an investigation... the only difference is you are using technology and
computers...
02:01:07 Gerard Ravasco: right on matt, attitude and ethics and integrity
cannot just be taught in books
02:01:19 nicky: Hi team, nicky here from ATO. I’m the digital forensics
director and currently we are recruiting for APS4-EL1 in Digital Forensics.
Our jobs are currently advertised at APS jobs.gov.au advertised as Cyber security
analyst.
02:01:26 Hannah Clarke: Master of Cyber Studies and Investigations (run
entirely by CSU) -
https://study.csu.edu.au/courses/police-security-emergency/master-cyber-studies-
investigations
02:01:37 Jeremy Appleby: Is Digital Forensics more looking at an incident
“after” the fact, rather than Threat identification and prevention, which more
Digital Cyber Defence??
02:02:34 Helen Burgess: Need to get going now. Will fast forward to the
questions tomorrow.
02:03:25 Kshitija Jadhav: Which forensic tool is most commonly used by
professionals ?
02:03:27 Som: is csp funding available for Master of CS?
02:03:39 nicky: Would love to hear how I can reach out to Matt and speak
more about what jobs opportunities ATO offers for your DF students
02:03:40 Hannah Clarke: CSP is for grad cert’s only!
02:03:53 Jon Moyses: Just thinking about thinking outside the box... The best
quote I saw over the weekend was 'screw the box, I think outside the straight
jacket'
02:04:09 Hannah Clarke: Hi Nicky - send me an email (you can just address to
Hannah) at [email protected] and I’ll get your message to the team
02:04:10 Rupa: I gotta go
02:04:22 Rupa: Thanks for the today. It was great learning :-)
02:05:36 nicky: Thanks team I’ll email Hannah tomorrow :-)
02:05:49 Som: @Hannah, is there a % of the Grad Cert covered by CSP?
02:06:32 Hannah Clarke: Graduate Certificate is a higher qualification than a
Bachelor
02:06:36 Jerry Paul Acosta: What OSINT tool can scan and hunt Hashes of
IOCs?

02:06:55 Hannah Clarke: You can read about CSP and our courses here -
https://itmasters.edu.au/commonwealth-supported-places-available-now/
02:07:47 nicky: Really enjoyed tonight’s session - thank you
02:08:15 Dwayne: Thanks folks, catch ya next time.
02:08:20 Ahtesham Bin Zakria: What if our hard drive is burnt and we as a
fronsics expert need to recover data from that drive how we are going through
this .
02:08:40 Hannah Clarke: If you'd like to discuss your study options and
eligibility fill in our simple form https://www.itmasters.edu.au/am-i-eligible/
02:08:59 Patrick: got to drop off... thanks soo much, looking forward for the
next courses ;)
02:09:04 JasperDawo: Thanks Matt and the team. Catch you on the next webinar.
02:09:06 Brenden: He says "not truly random", but isn't it essential that
hashing doesn't involve any randomisation?
02:09:06 sohai: what is the price of job ready graduate certificate
package?
02:09:32 Towheed: After doing a Grad Cert, what is an acceptable gap to start
a Masters for having the credits for those 4 subjects in Grad Cert?
02:09:43 Hannah Clarke: Have a look here Sohai -
https://itmasters.edu.au/commonwealth-supported-places-available-now/
02:10:04 Jon Moyses: Brilliant answer...
02:10:10 Paul K: To also have the same data set size is basically not
possible. And to be having say an intact file structure still less possible if that
were possible.
02:10:18 H Young: Thank you, very interesting presentation.
02:10:34 Bernadet: thanks, need yo leave.
02:10:41 Hannah Clarke: Towheed - some people like to go straight in, some
people like to take a session break in between, I will need to double check but I
think there’s a max of a year (I need to confirm this)
02:11:23 Ross M. W. Bennetts: Probability of collision depends on the hashing
algorithm used
02:11:29 Towheed: ok, Thank You Hannah. I am already in discussion with Ruth
if you know her. I will email her, not a problem.
02:11:42 Elisha: Thanks for the presentation I have another meeting now
02:11:50 Dan: power on then self destruct
02:11:56 Hannah Clarke: Amazing, Ruth is great
02:11:56 elizabeth waller: Thanks so much for tonight Matt and Guy, need to go.
02:12:26 Abishek Shah: kali tools
02:12:30 Hannah Clarke: Any remaining questions you might have now that our
Q&A is closed - pop in the discussion forum to chat with your peers
https://learn.itmasters.edu.au/mod/forum/view.php?id=4180
02:13:03 Sebastian Gonzalez: i was reading that shutting the to the actual
device, rather than at the wall, to avoid allowing UPS to keep the machine running,
which can allow it to automatically delete evidence before it goes down
02:13:42 Ross M. W. Bennetts: Quantum computing might make finding hash
collisions much quicker
02:14:38 Ahtesham Bin Zakria: What if our hard drive is burnt and we as a
fronsics expert need to recover data from that drive how we are going through
this .
02:15:33 ala: Thanks
02:16:17 Hamilton Dwight Walker: the download for Sleuthkit Autopsy is very big
- 986MB - will have to wait till I get my new computer going to use this as old one
doesn't have enough disk space
02:16:49 H Young: Hannah - Admin can I get your email address please?
02:17:21 Hannah Clarke: You can reach out about our short courses at
[email protected]
02:17:32 Hannah Clarke: If you have queries about study you can email at
[email protected]
02:17:41 Geoff: Functionality vs Security (need to pick on the line where
you want to sit)
02:17:59 H Young: Thank you
02:19:29 Sreedhar Narayanaswamy: Thank you
02:19:57 Hamilton Dwight Walker: lucky I have an external 1TB drive to save the
download to till I install it on new PC
02:20:02 Brendon: thank you
02:20:02 Hamilton Dwight Walker: 2TB
02:21:26 Jeremy Appleby: Or maybe T & M
02:22:52 Hamilton Dwight Walker: people could use slack if they don't want to
chat here on things relevant to this course
02:23:03 Jon Moyses: Give your phone to somebody else...
02:23:05 Andre_Q: At least he wasn't a cat :P
02:24:30 Adnan S: ahahaha
02:25:49 Hannah Clarke: We haven’t set up a Slack channel for this course - I
think it was just a suggestion from Hamilton
02:26:15 Liz: Thanks guys, have to get going.
02:26:30 Keith Newman: ITE535 is based around CompTIA Pentest+
02:27:27 Yolanda: Thank-you everyone, and panelists for answering all our
questions.
02:27:58 Ntomi: thank you for the answer
02:28:32 Adnan S: Thanks Guy and Matt and Hannah for operating this webinar!
02:28:33 OJ: Thank you Guy, Matt and Hannah for this presentation. thanks
everyone.
02:30:38 Towheed: Thank you Guy, Matt and Hannah for running this webinar
today. Will look forward for the next classes.
02:30:59 SC: Thanks all
02:31:00 Savenaca Siwatibau Waqa: Thank You Matt and Guy
02:31:18 Emma .: thanks, nice to meet you live
02:31:18 Colleen Crisp: Love your work guys
02:31:25 Hannah Clarke: https://learn.itmasters.edu.au/course/view.php?
id=3816
02:31:39 David Clarke: Thank you all.
02:31:59 Jens: Thanks all for another great session good night all
02:32:00 john smith: thank you,
02:32:03 Francis Lanch: thanks Matt
02:32:03 Nick: Thank you
02:32:03 Hannah Clarke: Thanks everyone
02:32:04 Andre_Q: Thanks all
02:32:04 Melina: Thanks guys was a great session :)
02:32:06 Adi: Thank you all
02:32:07 Jason: Thanks all!
02:32:07 Jeremy Appleby: Thanks All, Great session
02:32:08 Francis Lanch: and thanks Hannah and Guy
02:32:09 Mariecris O'Conroy: cheers
02:32:10 Andrew L: Thanks everyone!
02:32:10 Sharon: Thx
02:32:11 [email protected]: thanks !!
02:32:12 Francis Lanch: good session
02:32:12 eTL1XMHWp1u: Thank you
02:32:12 Tony: thank you
02:32:12 Dilu: thanks
02:32:12 gopal: Thank you
02:32:15 dee75: Thankyou all :-)
02:32:17 AMOLABS: Thanks for the Knowledge shared ,share with us the
recording
02:32:17 Darwin De Guzman: Thank you
02:32:19 Gary: Thank you
02:32:20 Keith Newman: thanks guys
02:32:20 MZ: Thank you, excellent session!
02:32:21 Geoff: Thank you
02:32:22 Ash: Thanks you
02:32:22 Rocky: Thanks everyone, see you all next week!
02:32:24 Victor C.: thanks for the information!
02:32:24 Monica: Thank you, great presentation
02:32:26 Jon Moyses: Thankyou Guy, Hannah and Matt...
02:32:27 Peter Heijkamp: Thanks all!
02:32:31 Irene: Thank you for the session. Very informative.
02:32:31 Jason: awesome team...really informative
02:32:33 Neil Howell: Thank you. I look forward to next week
02:32:33 bawan: Thanks
02:32:34 ali: Thank you all
02:32:36 Ramesh Chandra: Thanks 👍👍
02:32:43 Jerry: Thanks
02:32:47 Darwin De Guzman: Excited for next week
02:32:49 Judy: Thanks
02:32:50 Mark: thanks 😊
02:32:55 Marc: Thanks Matt.
02:32:55 Jason: Cant wait!
02:32:56 Jayda Addleton: Thank you
02:32:57 Ripon Basak: thanks Matt and fantastic presentation
02:32:58 COMM. LOWE: thanks
02:33:00 dee75: all pretty new to me, just hoping I can keep up with all
the lingo
02:33:01 Tony: Thank You