A Ten Step Process for Forensic Readiness.
作者: Robert Rowlingson
DOI:
关键词: Information security 、 Legal advice 、 Risk analysis (engineering) 、 Interfacing 、 Digital evidence 、 Law enforcement 、 Process (engineering) 、 Cost–benefit analysis 、 Forensic science 、 Computer science
摘要: A forensic investigation of digital evidence is commonly employed as a post-event response to serious information security incident. In fact, there are many circumstances where an organisation may benefit from ability gather and preserve before incident occurs. Forensic readiness defined the maximise its potential use whilst minimising costs investigation. The benefits such approach outlined. Preparation involve enhanced system staff monitoring, technical, physical procedural means secure data evidential standards admissibility, processes procedures ensure that recognise importance legal sensitivities evidence, appropriate advice interfacing with law enforcement. This paper proposes ten step process for implement readiness.
参考文章(3)
T. Killalea, D. Brezinski, Guidelines for Evidence Collection and Archiving Guidelines for Evidence Collection and Archiving. ,vol. 3227, pp. 1- 10 ,(2002)
A Ahmad, The forensic chain-of-evidence model: Improving the process of evidence collection in incident handling procedures The Next E-What? for Business and Communities?. ,(2002)
A Ahmad, Ab Ruighaver, Improved event logging for security and forensics: developing audit management infrastructure requirements ISOneWorld Conference: Nurturing Executive Networks. ,(2003)