Computer Incident Response and Forensics Team Management : Conducting a Successful Incident Response.
Computer Incident Response and Forensics Team Management provides security professionals with a complete handbook of computer incident response from the perspective of forensics team management. This unique approach teaches readers the concepts and principles they need to conduct a successful incide...
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | Burlington : Elsevier Science, 2013. |
Subjects: | |
Online access: | Full text |
Table of Contents:
- Front Cover; Computer Incident Response and Forensics Team Management; Copyright Page; Dedication; Contents; About the Author; 1 Introduction; 2 Definitions; 1 Incident Response Team; 3 The Stages of Incident Response; Methodology #1; Preparation; Identification; Containment; Investigation; Eradication; Recovery; Follow-Up; Methodology #2; Preparation; Detection and Analysis; Containment, Eradication, and Recovery; Post-incident Activity; Secure and Evaluate the Scene; Document the Scene; Perform Evidence Collection; Package, Transport, and Store the Collected Digital Evidence.
- Packaging Procedures; Transportation Procedures; Storage Procedures; 4 The Security Incident Response Team Members; Types of Technical Skills Needed; Types of Personal Skills Needed; 5 Incident Evidence; 6 Incident Response Tools; 7 Incident Response Policies and Procedures; SIRT IR Policies; Incident Response Plan; Corporate IR Strategy and General Use Security Policies; 8 Legal Requirements and Considerations; Privacy; Ethics; Investigation Guidelines; US Federal Rules of Evidence; US Federal Rules for Civil Procedures; 9 Governmental Laws, Policies, and Procedures; US Government; Privacy Act.
- Computer Security Act; Clinger-Cohen Act; Computer Fraud & Abuse Act; COPPA; Electronic Communications Privacy Act of 1986 (ECPA); FISMA; USA Patriot Act; Canadian Government; EU; 2 Forensics Team; 10 Forensics Process; Prepare; Identify; Preserve; Select; Examine; Classify; Analyze; Present; 11 Forensics Team Requirements Members; Member Criteria; Forensics Analyst or Specialist; Forensics Investigator; Forensics Examiner; Member Expertise; Forensics Expertise Areas; Developing and Refining the Investigation Plan; Member Certification; Vendor Neutral Certifications; Certified Computer Examiner.
- Certified Forensic Computer Examiner; CyberSecurity Forensic Analyst; Certified Hacking Forensics Investigator; Certified Information Forensics Investigator; Certified Computer Forensics Examiner; SANS Forensics; Global Information Assurance Certification Forensic Analyst (GCFA); Global Information Assurance Certification Forensic Examiner; Certified Skills That GCFEs Possess; Malware Analyst; GIAC Malware Analysis Certification: GREM; Certified Skills That GREM Certified Professionals Possess; Digital Forensics Certified Practitioner or Digital Forensics Certified Associate.
- Certified Digital Forensics Examiner; Certified eDiscovery Specialist; Vendor Specific Certifications; EnCase Certified Examiner; EnCase Certified eDiscovery Practitioner; AccessData Certified Examiner; 12 Forensics Team Policies and Procedures; Forensics Analysis Process; Data Collection; Chain of Custody; Evidence Handling and Control; Evidence "Hand-over" to External Parties, LEO; Hardware Specific Acquisition-SIM Cards, Cell Phone, USB Storage, etc.; Data Type Acquisition-Audio Files, Video Files, Image Files, Network Files, Log Files; Investigation Process; Examination Process; Data Review.
- Research Requirements.