-
- The following detailed account is from our current MSc Student, Vincent Ridderikhoff
-
Introduction.
So far I’ve followed 5 (CSTA, CSTP, CWSA, CIIP, CFIP) of the 7 course en route to the MSc Professional Practice in Digital Forensics and Security via DeMontfort University (http://www.dmu.ac.uk). Thanks to the excellent teaching and guidance of Digicore Ireland, I’ve managed to pass the exams on all of the aforementioned courses. My intention is not to extensively review all of the different courses, the 7Safe website contains enough information on the content of the different courses for people to decide whether the courses provide enough learning’s for their own environment. My intention is to provide some feedback on the courses as provided by Digicore and the way I experienced them.
Some background information on me and the reason for attending these courses. For the past 15 years, I’ve been working in various roles and positions but always related to networking and security. Currently, I’m a proud employee of one of the world’s largest beer brewers. I have worked in various roles within the global networking department for 9 years and was recently appointed Global Security Officer. The 7Safe route to MSc was recommended by our Global Security Manager (for whom I have high regard) and after reading through the different material available online decided to indeed apply for the course.
The application for the course went very smooth. Given the huge discount on paying all 7 courses at once, I decided to take that option. Linda Hennessy was very helpful and guided me through the entire process. Constantly answering all the questions I had and providing me with the needed forms and information.
My first “live” encounter.
Being from the Netherlands I flew in the day before the course started (first flights from Amsterdam to Dublin do not arrive on time for the start of the courses) and settled in my hotel. In the morning, my taxi was waiting to take me to Grange Road Office Park, Rathfarnham, although he had never heard of it, within 15-20 minutes we arrived at the local Lidl’s parking lot. A double door in between the Lidl and some other (for me unfamiliar) stores had a couple of doorbells next to it and one of them stated Digicore. After pushing it, a man’s voice through the speaker asked who I was, provided me with directions inside the building and buzzed the door open. Going up the stairs and through a fairly long corridor I noticed a couple of other companies residing in the same building. At the end of the corridor I found the door to the venue of Digicore. Opening the door, I was awaited by a kind man with a firm handshake whose voice sounded similar to the man on the intercom. The man introduced himself as Eamon Noonan (co-owner of Digicore and course leader). The venue offered room for at least ten people, but possibly even more. I was directed to one of the seats and exchanged some background information while waiting for the rest of the students to come in.
CSTP
The Certified Security Testing Professional 2-day course mainly aims at Web Application security. It’s a very hands-on course that focusses on the OWASP Top Ten. Al students have their own pc and a couple of pre-installed VMWare systems running. Using the host and different guest OS’es the course manual is followed and progressed through all different vulnerabilities, their exploits and possible mitigation measures. Eamon also facilitates the interaction between the students and provides a lot of real world examples and explanations throughout the entire course. The four additional students that attend the course at the same time all varied in background, experience and expectation. This allowed for a lot of interaction, knowledge sharing and networking opportunities. On the second day, after the course was finished, we had the opportunity to do the exam created for this course. There still was enough time available to study, ask additional questions or get additional explanation prior to taking the exams. The course material covers all the questions asked on the exam. I’ve generously passed the exam and was very happy with my score. Although I do not exactly recall my scores, I did score enough points to be awarded merit for the exam.
CIIP
Before attending this 3-day course, I had the expectation that it would be one of hardest and driest (is this even English) courses to take; Certified ISO27K1 Implementation Practitioner. Boy did my mind change during the progression of the course. While getting in the classroom in the morning, I noticed all monitors were removed from the desks. We received two books and all the exercises were done on paper. Being a techy by hart, this further enhanced my fear that this was going to be a tough cookie to crack (by the way, cookies are discussed in depth in the CSTP course). I must admit, having a fellow student that had worked professionally with ISO27K1 made it easier to link the theory to practical implementation. I really enjoyed the course itself, looking deeper into the way the ISO27K1 is setup and reflecting my daily work against it. The further we progressed into the course, the more I started to appreciate the ISO Standard. Again, on the last day of the course, there was enough time to study the course material, ask questions, further debating on the material and taking the exam itself; I passed with distinction.
CSTA
Being the third course I followed, the 4-day Certified Security Testing Associate course had my highest expectations. Having used most of the tools discussed throughout my professional career and due to personal interest, I expected this course to further improve the skillset I already had and dive into tools I had only briefly touched prior to the training. Yet again, my expectations were more than exceeded. Thanks to the course content and exercises, the practical experiences added by Eamon to further explain or elaborate on certain elements, the way Eamon presents the material and the discussions with the other students. I again passed the exam with flying colors; I was awarded with another distinction.
CWSA
Wireless security is what this course is all about. The Certified Wireless Security Analyst course is a little bit different compared to CSTA and CSTP. Since you are now looking at wireless security a single wireless access point is setup that will be used throughout the course. Unfortunately, we had the bad luck that something went wrong and we were not able to finish two of the exercises. Although Eamon had put every effort into getting the two exercises up and running, no matter what he tried something was wrong. A lot of trouble shooting took place while the students were working on assignment, having a short break or discussing the course content. Eamon took out a whole stack of access points, computers and other VMWare images trying to get it to work, without luck. Eamon offered to look into the issue at a later stage, together with 7Safe to try and find the cause and as the solution is found give us some additional time when doing one of the other courses to complete the exercises. I passed this exam with merit.
CFIP
The Certified Forensic Investigation Practitioner course is a 3-day course focusing on digital forensics. The students again have their own live environment and receive the needed SD-card, reader and key fob for the X-Ways software. Based on a practical story line, an investigation is done into a robber computer. Using the forensic software to created forensic images and investigate the images the students are taken throughout the entire investigation gathering facts on the suspect and trying to identify information for the prosecution of the alleged criminal. It was a very interesting journey into the forensic aspect of digital security. Gathering information in places that a ‘normal’ computer user would never expect and then linking the evidence found to the crime committed. Again, accompanied by practical examples from Eamon’s experience linking the theory and exercises to real world experience. The discussions on law and ethics that also come into play when looking at Digital Forensics is also a very welcome addition to the course. I have passed the exam, but came a couple of points short for merits.
Some general feedback.
I really enjoyed my time in Ireland and especially my time at Digicore. Being Dutch, some of the references to Irish businesses and events needed some additional explaining. The people I’ve been into direct contact with at Digicore (Eamon, Linda and Brian) are all fantastic people with great personalities. They constantly strive to assure a pleasant environment and are very helpful not only during the course, but also outside the context of the courses. The tea (I’m not a coffee drinker but coffee is also constantly available and fresh) cookies, pastries, croissants, scones and lunches keep you filled and focused on the course.
The exams; they all follow the same principal, closed book, feedback and personal details prior to the exam, 50 multiple choice questions which are all covered by the book, skipped questions return at the end, the option to review your answers prior to submitting and getting the results back very fast.
As said before, it is not my intention to provide a review on the 7Safe courses or the course material. My intention is to provide some insight in my experience with the courses as provided by Digicore. Up to now, I’ve completed five of the seven 7Safe courses and I am working on my admission to DeMontfort University for the MSc Professional Practice in Digital Forensics and Security.
I am looking forward to starting my MSc assignments and of course returning to Dublin for my last 2 courses.
Kind regards, Vincent