{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Ch13 - Advanced Security and Beyond - A dvancedSecur ity...

Info icon This preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon
Advanced Security  and Beyond Security+ Guide to Network Security Fundamentals  Second Edition Chapter 13
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
2 Objectives Define computer forensics Respond to a computer forensics incident Harden security through new solutions List information security jobs and skills
Image of page 2
3 Understanding Computer Forensics Computer forensics can attempt to retrieve information—even if  it has been altered or erased—that can be used in the pursuit of  the criminal The interest in computer forensics is heightened: High amount of digital evidence Increased scrutiny by legal profession Higher level of computer skills by criminals
Image of page 3

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
4 Forensics Opportunities and Challenges Computer forensics creates opportunities to uncover evidence  impossible to find using a manual process One reason that computer forensics specialists have this opportunity  is due to the persistence of evidence Electronic documents are more difficult to dispose of than paper  documents Ways computer forensics is different from standard investigations: Volume of electronic evidence Distribution of evidence Dynamic content False leads Encrypted evidence Hidden evidence
Image of page 4
5 Responding to a Computer Forensics  Incident Generally involves four basic steps similar to those of standard  forensics: Secure the crime scene Collect the evidence Establish a chain of custody Examine and preserve the evidence
Image of page 5

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
6 Securing the Crime Scene Physical surroundings of the computer should be clearly  documented Photographs of the area should be taken before anything is  touched Cables connected to the computer should be labeled to document  the computer’s hardware components and how they are connected Team takes custody of the entire computer along with the  keyboard and any peripherals
Image of page 6
7 Preserving the Data Computer forensics team first captures any volatile data that  would be lost when computer is turned off and moves data to a 
Image of page 7

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern