Returning to tech through Digital Forensics is the goal, but goals need a clear path. After digging into what actually matters at the foundation level, this is the route I’ve chosen:
• Operating Systems
• Networking Concepts
• Hardware and File Systems
Why Operating Systems?
Operating systems sit at the center of everything. They manage processes, memory, storage, users, and logs. In digital forensics, knowing where artifacts live, how the OS is supposed to behave, and what normal looks like makes it much easier to spot what doesn’t belong. That’s why I’m going back to the fundamentals of Windows, Linux, iOS, and Android.
Why Networking?
Malicious activity rarely stays confined to a single machine. Data moves. Commands move. Traces move. Understanding how devices communicate over a network and how traffic is structured helps in identifying suspicious behavior, lateral movement, and exfiltration attempts. Networking knowledge becomes especially valuable when cases involve multiple systems or external connections.
Why Hardware and File Systems?
Data doesn’t exist in isolation. It lives on physical storage and is organized by file systems. Understanding how file systems store data, manage metadata, handle deletion, and allocate space is critical when interpreting evidence or recovering artifacts. Hardware knowledge also matters during acquisition knowing which tools to use, how data can be altered, and how to preserve integrity throughout the process.
This is me intentionally rebuilding from the ground up. I’ll be documenting what I learn and the progress I make as I move forward.
My starting point is cisconetworkingacademy
English