Implementing Digital Forensic Readiness
eBook - ePub

Implementing Digital Forensic Readiness

From Reactive to Proactive Process

Jason Sachowski

  1. 374 pages
  2. English

About This Book

Implementing Digital Forensic Readiness: From Reactive to Proactive Process shows information security and digital forensic professionals how to increase operational efficiencies by implementing a proactive approach to digital forensics throughout their organization. It demonstrates how digital forensics aligns strategically with an organization's business operations and information security program. This book illustrates how the proper collection, preservation, and presentation of digital evidence is essential for reducing potential business impact as a result of digital crimes, disputes, and incidents. It also explains how every stage in the digital evidence lifecycle impacts the integrity of data, and how to properly manage digital evidence throughout the entire investigation. Using a digital forensic readiness approach and preparedness as a business goal, the administrative, technical, and physical elements included throughout this book will enhance the relevance and credibility of digital evidence. Learn how to document the available systems and logs as potential digital evidence sources, how gap analysis can be used where digital evidence is not sufficient, and the importance of monitoring data sources in a timely manner. This book offers standard operating procedures to document how an evidence-based presentation should be made, featuring legal resources for reviewing digital evidence.

  • Explores the training needed to ensure competent performance of the handling, collection, and preservation of digital evidence
  • Discusses why long-term data storage must take into consideration the confidentiality, integrity, and availability of digital evidence
  • Emphasizes how incidents identified through proactive monitoring can be reviewed in terms of business risk
  • Includes learning aids such as chapter introductions, objectives, summaries, and definitions

Frequently asked questions

Is Implementing Digital Forensic Readiness an online PDF/ePUB?
Yes, you can access Implementing Digital Forensic Readiness by Jason Sachowski in PDF and/or ePUB format, as well as other popular books in Computer Science & Information Technology. We have over one million books available in our catalogue for you to explore.

Information

Publisher: Syngress
Year: 2016
ISBN: 9780128045015

Section C. Appendices

Introduction

Digital forensic readiness requires organizations to strategically integrate their business functions and processes with their administrative, technical, and physical information security controls to maximize the use of digital evidence while minimizing investigative costs. By doing so, organizations are in a much better position to proactively detect and deter security events before they escalate into a more serious incident or reactive investigation.
While not directly related to how the digital forensic discipline is practiced, the supplemental business functions and processes discussed in this section of the book are essential to successfully implementing digital forensic readiness. Using these business functions and processes as part of a digital forensic readiness program allows organizations to make much more appropriate and informed decisions about their business risks specific to digital forensic investigations.
In this section, the business functions and processes discussed throughout the book have been included as supplemental content to digital forensic readiness. While these materials can be used as part of the digital forensic readiness program, they have been included as stand-alone materials and can be referenced as independent functions and processes that can also be used in other contexts.

Appendix A: Investigative Process Models

Introduction

Ever since forensic science became an established component of digital forensics, there have been a number of suggested and proposed process models. As early as 1984, law enforcement agencies began developing processes and procedures around computer forensic investigations. This led to the determination that as a result of bypassing, switching, or not following correct processes, the investigation could result in incomplete or missed evidence.
To examine the specified process models, the components of each model have been standardized to describe the activities performed as part of the investigative workflow. The term “process model” is used to represent all activities included in the proposed investigative workflow. The term “phase” is used to represent the high-level components within the process model and the term “task” is used to represent the specific activity within the higher-level components.
There have been several digital forensic process models developed over the years, either to address a specific need, such as law enforcement, or with a generalized scope and the intention that the process model could be adopted universally. While there might be some process models absent from the table below, Table A.1 contains a chronological list of process models including a unique identifier, the author(s), the publication year, and the number of phases included in the model.

Process Models

It is important to note that inclusion of the process models in Table A.1 does not suggest that these are better or recommended over other models that were not included. The following sections further dissect all process models, identified in Table A.1, in greater detail to extract the phases and better understand how the process model is structured.

[M01] Computer Forensic Investigative Process (1995)

Consisting of four phases, this model was proposed as a means of assuring evidence handling during a computer forensic investigation followed scientifically reliable and legally acceptable methodologies (Figure A.1).
  • Acquisition requires that digital evidence is collected using acceptable methodologies only after receiving proper approval from authorities
  • Identification interprets digital evidence and converts it into a readable human format
  • Evaluation determines the digital evidence's relevancy to the investigation
  • Admission documents relevant digital evidence for legal proceedings

Table A.1
Digital Forensic Process Models

ID | Name | Author(s) | Year | Phases
M01 | Computer Forensic Investigative Process | M. Pollitt | 1995 | 4
M02 | Computer Forensic Process Model | US Department of Justice | 2001 | 4
M03 | Digital Forensic Research Workshop Investigative Model (Generic Investigation Process) | Palmer | 200...

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Preface
  6. Introduction
  7. About the Author
  8. Acknowledgments
  9. Section A. Digital Forensics
  10. Section B. Digital Forensic Readiness
  11. Section C. Appendices
  12. Section D. Templates
  13. Bibliography
  14. Index

Citation styles for Implementing Digital Forensic Readiness

APA 6 Citation

Sachowski, J. (2016). Implementing Digital Forensic Readiness ([edition unavailable]). Elsevier Science. Retrieved from https://www.perlego.com/book/1809331/implementing-digital-forensic-readiness-from-reactive-to-proactive-process-pdf (Original work published 2016)

Chicago Citation

Sachowski, Jason. (2016) 2016. Implementing Digital Forensic Readiness. [Edition unavailable]. Elsevier Science. https://www.perlego.com/book/1809331/implementing-digital-forensic-readiness-from-reactive-to-proactive-process-pdf.

Harvard Citation

Sachowski, J. (2016) Implementing Digital Forensic Readiness. [edition unavailable]. Elsevier Science. Available at: https://www.perlego.com/book/1809331/implementing-digital-forensic-readiness-from-reactive-to-proactive-process-pdf (Accessed: 15 October 2022).

MLA 7 Citation

Sachowski, Jason. Implementing Digital Forensic Readiness. [edition unavailable]. Elsevier Science, 2016. Web. 15 Oct. 2022.