Академический Документы
Профессиональный Документы
Культура Документы
it/notes/edronegroup/ccsp/module-6/
Cybrary
Search
Computer Forensics
– Computer Forensics: The discipline of using proven methods toward the collection,
preservation, validation, identification, analysis, interpretation, documentation and
presentation of digital evidence.
– IOCE and SWGDE are two entities that provide forensic guidelines and principles
as follows.
· If a person is to access original digital evidence, that person must be trained for
such a purpose.
1 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
· Be authentic
· Be accurate
· Be complete
· Be convincing
· Be admissible
Evidence Types
– Direct Evidence: Can prove a fact by fact by itself and
does not need backup information. Information provided
baded on the 5 sense of a (reliable) witness.
– Real Evidence: Physical evidence. The objects themselves that are used in a crime.
– Best Evidence: Most reliable -a signed contract (NDA Signatory must know nothing
after long water-blowing process has ended…)
– Secondary: Not strong enough to stand alone, but can support other evidence.
Expert Opinion.
Copies of a document
– Enticement
– Entrapment
2 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
sponsored nations.
Import restriction
International Issues
– Transborder Issues
– Notify of monitoring that may be used, or do not monitor the employees at all
– Applies to health insurers, health providers, health care clearing houses (claim
processing agencies)
GRAMM-LEACH-BLILEY FINANCIAL
SERVICES MODERNIZATION ACT
3 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
– Known as GLBA
– Requires financial agencies to better protect cutomer’s
PII (Personally Identifiable Information)
– Three Rules:
DISCLOSURE
– Many states have now passed disclosure laws that legally require organizations to
publicly disclose security breaches that might compromise personal data
4 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
AUDITING ROLE
Identification:
– Presenvation
– Collected
– Analyzed
– Transported
– Preserved
– Hashing Algorithms are used to show the integrity of the evidence has not been
modified by the investigation process
– Collection
5 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
· Subpoena
· Search warrant
· Voluntary consent
· Exigent Circumstances
– Examination
– Analysis
6 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
· Documentation
· Expert Testimony
– Decision
· Suspects?
· Corrective Actions?
TYPES OF LAWS
– Criminal Law
– Civil Law
– Regulatory
– Intellectual Property
CRIMINAL LAW
– Punishment
– Deterrence
– Preponderance of evidence
– Damages
7 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
– Liability, Due Care, Due Diligence, Prudent Person Rule are all
pertinent to civil law, as well as administrative law
ADMINISTRATIVE (REGULATORY)
INTELLECTUAL PROPERTY
Trade Secret
COPYRIGHT
– Copyright
· Copyright protections lasts for the lifetime of the author
plus 70 years or 75 years for corporations
· Work does not need to be registered or publised to be protected.
· Protects expression of ideas rather than the ideas themselves
8 of 12 2/24/2018 10:49 AM
Notes: Ludgenstein | ISC2 Certified Cloud Security Professional (CCSP)... https://www.cybrary.it/notes/edronegroup/ccsp/module-6/
– First sale
– Fair use
Trademark
PATENT
– Originally valid for 17 years, but are now valid for 20 years
– Protection for those who have legal ownership of an invention
Teach
Reach an audience of 1,500,000+ IT and cyber professionals, including the world's top companies
LEARN MORE
9 of 12 2/24/2018 10:49 AM