Implementing Digital Forensic Readiness
eBook - ePub

Implementing Digital Forensic Readiness

From Reactive to Proactive Process

Jason Sachowski

  1. 374 páginas
  2. English
  3. ePUB (apto para móviles)
  4. Disponible en iOS y Android
eBook - ePub

Implementing Digital Forensic Readiness

From Reactive to Proactive Process

Jason Sachowski

Detalles del libro
Vista previa del libro
Índice
Citas

Información del libro

Implementing Digital Forensic Readiness: From Reactive to Proactive Process shows information security and digital forensic professionals how to increase operational efficiencies by implementing a pro-active approach to digital forensics throughout their organization. It demonstrates how digital forensics aligns strategically within an organization's business operations and information security's program. This book illustrates how the proper collection, preservation, and presentation of digital evidence is essential for reducing potential business impact as a result of digital crimes, disputes, and incidents. It also explains how every stage in the digital evidence lifecycle impacts the integrity of data, and how to properly manage digital evidence throughout the entire investigation. Using a digital forensic readiness approach and preparedness as a business goal, the administrative, technical, and physical elements included throughout this book will enhance the relevance and credibility of digital evidence. Learn how to document the available systems and logs as potential digital evidence sources, how gap analysis can be used where digital evidence is not sufficient, and the importance of monitoring data sources in a timely manner. This book offers standard operating procedures to document how an evidence-based presentation should be made, featuring legal resources for reviewing digital evidence.

  • Explores the training needed to ensure competent performance of the handling, collecting, and preservation of digital evidence
  • Discusses the importance of how long term data storage must take into consideration confidentiality, integrity, and availability of digital evidence
  • Emphasizes how incidents identified through proactive monitoring can be reviewed in terms of business risk
  • Includes learning aids such as chapter introductions, objectives, summaries, and definitions

Preguntas frecuentes

¿Cómo cancelo mi suscripción?
Simplemente, dirígete a la sección ajustes de la cuenta y haz clic en «Cancelar suscripción». Así de sencillo. Después de cancelar tu suscripción, esta permanecerá activa el tiempo restante que hayas pagado. Obtén más información aquí.
¿Cómo descargo los libros?
Por el momento, todos nuestros libros ePub adaptables a dispositivos móviles se pueden descargar a través de la aplicación. La mayor parte de nuestros PDF también se puede descargar y ya estamos trabajando para que el resto también sea descargable. Obtén más información aquí.
¿En qué se diferencian los planes de precios?
Ambos planes te permiten acceder por completo a la biblioteca y a todas las funciones de Perlego. Las únicas diferencias son el precio y el período de suscripción: con el plan anual ahorrarás en torno a un 30 % en comparación con 12 meses de un plan mensual.
¿Qué es Perlego?
Somos un servicio de suscripción de libros de texto en línea que te permite acceder a toda una biblioteca en línea por menos de lo que cuesta un libro al mes. Con más de un millón de libros sobre más de 1000 categorías, ¡tenemos todo lo que necesitas! Obtén más información aquí.
¿Perlego ofrece la función de texto a voz?
Busca el símbolo de lectura en voz alta en tu próximo libro para ver si puedes escucharlo. La herramienta de lectura en voz alta lee el texto en voz alta por ti, resaltando el texto a medida que se lee. Puedes pausarla, acelerarla y ralentizarla. Obtén más información aquí.
¿Es Implementing Digital Forensic Readiness un PDF/ePUB en línea?
Sí, puedes acceder a Implementing Digital Forensic Readiness de Jason Sachowski en formato PDF o ePUB, así como a otros libros populares de Informatik y Informationstechnologie. Tenemos más de un millón de libros disponibles en nuestro catálogo para que explores.

Información

Editorial
Syngress
Año
2016
ISBN
9780128045015
Categoría
Informatik
Categoría
Informationstechnologie
Section C
Appendices

Introduction

Introduction

Digital forensic readiness requires organizations to strategically integrate its business functions and processes with its administrative, technical, and physical information security controls to maximize the use of digital evidence while minimizing investigative costs. By doing so, organizations are in a much better position to proactively detect and deter security events before they escalate into a more serious incident or reactive investigation.
While not directly related to how the digital forensic discipline is practiced, the supplemental business functions and processes discussed in this section of the book are essential to successfully implementing a digital forensic readiness. Using these business functions and processes as part of a digital forensic readiness program allows organizations to make much more appropriate and informed decisions about their business risks specific to the digital forensic investigations.
In this section, the business function and processes discussed throughout the book have been included as supplemental content to digital forensic readiness. While these materials can be used as part of the digital forensic readiness program, they have been included as stand-alone materials and can be referenced as independent functions and processes that can also be used in other contexts.

Appendix A: Investigative Process Models

Introduction

Ever since forensic science became an established component of digital forensics, there have been a number of suggested and proposed process models. As early as 1984, law enforcement agencies began developing processes and procedures around computer forensic investigations. This led to the determination that as a result of bypassing, switching, or not following correct processes, the investigation could result in incomplete or missed evidence.
To examine the specified process models, the components of each model have been standardized to describe the activities performed as part of the investigative workflow. The term “process model” is used to represent all activities included in the proposed investigative workflow. The term “phase” is used to represent the high-level components within the process model and the term “task” is used to represent the specific activity within the higher-level components.
There has been several digital forensic process models developed over the years to address either a specific need, such as law enforcement, or with a generalized scope with the intention that the process model could be adopted universally. While there might be some process models absent from the table below, Table A.1 contains a chronological list of process models including a unique identifier, the author(s), the publication year, and the number of phases included in the model.

Process Models

It is important to note that inclusion of the process models in Table A.1 does not suggest that these are better or recommended over other models that were not included. The following sections further dissect all process models, identified in Table A.1, in greater detail to extract the phases and better understand how the process model is structured.

[M01] Computer Forensic Investigative Process (1995)

Consisting of four phases, this model was proposed as a means of assuring evidence handling during a computer forensic investigation followed scientifically reliable and legally acceptable methodologies (Figure A.1).
Acquisition requires that digital evidence is collected using acceptable methodologies only after receiving proper approval from authorities
Identification interprets digital evidence and converts it into a readable human format
Evaluation determines the digital evidence’s relevancy to the investigation
Admission documents relevant digital evidence for legal proceedings
Table A.1
Digital Forensic Process Models
IDNameAuthor(s)YearPhases
M01Computer Forensic Investigative ProcessM. Pollitt19954
M02Computer Forensic Process ModelUS Department of Justice20014
M03Digital Forensic Research Workshop Investigative Model (Generic Investigation Process)Palmer200...

Índice

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Preface
  6. Introduction
  7. About the Author
  8. Acknowledgments
  9. Section A. Digital Forensics
  10. Section B. Digital Forensic Readiness
  11. Section C. Appendices
  12. Section D. Templates
  13. Bibliography
  14. Index
Estilos de citas para Implementing Digital Forensic Readiness

APA 6 Citation

Sachowski, J. (2016). Implementing Digital Forensic Readiness ([edition unavailable]). Elsevier Science. Retrieved from https://www.perlego.com/book/1809331/implementing-digital-forensic-readiness-from-reactive-to-proactive-process-pdf (Original work published 2016)

Chicago Citation

Sachowski, Jason. (2016) 2016. Implementing Digital Forensic Readiness. [Edition unavailable]. Elsevier Science. https://www.perlego.com/book/1809331/implementing-digital-forensic-readiness-from-reactive-to-proactive-process-pdf.

Harvard Citation

Sachowski, J. (2016) Implementing Digital Forensic Readiness. [edition unavailable]. Elsevier Science. Available at: https://www.perlego.com/book/1809331/implementing-digital-forensic-readiness-from-reactive-to-proactive-process-pdf (Accessed: 15 October 2022).

MLA 7 Citation

Sachowski, Jason. Implementing Digital Forensic Readiness. [edition unavailable]. Elsevier Science, 2016. Web. 15 Oct. 2022.