Ch13 - Advanced Security and Beyond

Advanced Security and Beyond
Security+ Guide to Network Security Fundamentals, Second Edition
Chapter 13

2. Objectives
- Define computer forensics
- Respond to a computer forensics incident
- Harden security through new solutions
- List information security jobs and skills

3. Understanding Computer Forensics
- Computer forensics can attempt to retrieve information—even if it has been altered or erased—that can be used in the pursuit of the criminal
- The interest in computer forensics is heightened:
  - High amount of digital evidence
  - Increased scrutiny by legal profession
  - Higher level of computer skills by criminals

4. Forensics Opportunities and Challenges
- Computer forensics creates opportunities to uncover evidence impossible to find using a manual process
- One reason that computer forensics specialists have this opportunity is due to the persistence of evidence
- Electronic documents are more difficult to dispose of than paper documents
- Ways computer forensics is different from standard investigations:
  - Volume of electronic evidence
  - Distribution of evidence
  - Dynamic content
  - False leads
  - Encrypted evidence
  - Hidden evidence

5. Responding to a Computer Forensics Incident
- Generally involves four basic steps similar to those of standard forensics:
  - Secure the crime scene
  - Collect the evidence
  - Establish a chain of custody
  - Examine and preserve the evidence

6. Securing the Crime Scene
- Physical surroundings of the computer should be clearly documented
- Photographs of the area should be taken before anything is touched
- Cables connected to the computer should be labeled to document the computer’s hardware components and how they are connected
- Team takes custody of the entire computer along with the keyboard and any peripherals

7. Preserving the Data
- Computer forensics team first captures any volatile data that would be lost when computer is turned off and moves data to a


This note was uploaded on 03/28/2010 for the course NETWORK SE Security + taught by Professor None during the Three '10 term at University of Sydney.
