Skill

Details

Research

Expeditious retrieval of information in the public domain and reference material stored across the corporate network. Capacity to gain insights by triangulating information from disparate sources that are inaccessible via public search engines.

Awareness

Vigilance in maintaining awareness of developments in the field of information security. Applied knowledge of industry best practices for conducting digital forensics investigations.

Evidence Continuity

Strict compliance with established processes for demonstrating chain-of-custody when handling electronically stored information.

Forensic Imaging

Applied knowledge of data preservation techniques, which use both physical and logical methods to forensically acquire data and verify sources of information.

Networking Architecture

Practical understanding of the Open Systems Interconnection (OSI) model and the function of communication technologies in the storage and transmission of data, such as network protocols, media access control (MAC) addresses, firewalls, routers, proxy servers, data centers, online applications, cloud services, host-based applications, redundant array of independent disks (RAID), clusters, virtual servers, and modes of multifactor authentication.

Hardware

Applied knowledge of components and peripherals connected to information systems, including hard disk drives, random access memory (RAM), the basic input/output system (BIOS), network interface cards (NICs), chipsets, and flash storage.

File Systems

Applied knowledge of the attributes of diverse file systems such as FAT, FAT32, exFAT, NTFS, HFS+, XFS, Ext2, Ext3, Ext4, and UFS.

Structured Data Analysis

Retrieval and interpretation of universally formatted information, such as fixed field entries inside records, as well as embedded information associated with operating systems, relational databases, spreadsheets, registries, Internet history, security and system logs, and encrypted file systems.

Unstructured Data Analysis

Interpretation of values associated with detached files, such as digital photos, graphic images, videos, streaming data, web pages, PDF files, PowerPoint presentations, email data, blog entries, wikis, and word processing documents, stored across various file systems.

Semi-structured Data Analysis

Extraction of tags, metadata, or other types of identity markers subsisting within detached files, including information indicative of authorship, revision number, creator, sender, recipient, time and date particulars, GPS coordinates, keywords, and firmware version. This activity also extends to analysis of relational data within files that are associated with detached files, such as XML and other markup languages.

Reverse Engineering

Functional understanding of the mechanics of software development, remote administration, and malware proliferation.

Programming and Scripting

Knowledge of coding using languages such as C, C++, C#, Perl, Delphi, HTML, .NET, ASP, Python, Java, JavaScript, Ruby, Bash scripting, VBScript, PowerShell, Unix/Linux, and EnScript.

Virtualization

Applied knowledge of building, configuring, and deploying virtual machines.

Technical Reporting

Experience in producing highly granular reports detailing the inner workings of information communication technologies, file integrity, authenticity of information, and movement of data.