audit

Examine Evidence files using SQL Server Management Studio and ApexSQL DBA

Leave a Comment / CHFI, Knowledge Base / By Tushar Panhalkar

In this article explain how to Examine Evidence files using SQL Server Management Studio and ApexSQL DBA this two topic are explained. Database Forensics Using SQL Server Management Studio Windows Event Viewer records all the events that occur on a system. In conjunction with the system logs, the application also records the 1v15SQL logs at an instance of a login attempt failure, or a SQL Server initiation/shutdown. Therefore, examining the windows event logs help forensic …

Examine Evidence files using SQL Server Management Studio and ApexSQL DBA Read More »

Understand Laws and Regulations

Leave a Comment / CHFI, Knowledge Base / By Tushar Panhalkar

Understand Laws and Regulations in this there are many laws that affect digital forensics investigation; for example, some jurisdictions have passed laws that require the investigator to be either a law enforcement officer or a licensed private investigator to extract the evidence. Of course, that does not prevent a forensic investigator from working with information someone else extracted or extracting evidence if the information owner gave his or her permission. It is important to be …

Understand Laws and Regulations Read More »

Introduction of Event Logs Analysis

Leave a Comment / CHFI / By Tushar Panhalkar

Introduction of Event Logs Analysis in this article Logs are the sequential records of events that have occurred or performed over a system. All the operating systems have the ability to store these records. Investigators can build timeline based on these logs and find exact time and location of attack. Operating systems regularly conduct audit of the contents and files in order to look for discrepancies. These files store the data regarding the previous state …

Introduction of Event Logs Analysis Read More »

ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

Control- ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity In order to ensure accurate and productive to adverse circumstances, the company must review on-going controls on safety information defined and enforced at regular intervals. Implementation Guidance- Changes in organizational, technological, administrative and procedures, whether operational or framework, will lead to changes in the criteria for the continuity of information security. In such cases, the continuity of information security processes, procedures and …

ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity Read More »

ISO 27001 Annex : A.16 Information Security Incident Management

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

ISO 27001 Annex : A.16 Information Security Incident Management in this aerticle explain Management of Information Security Incidents and Improvements and there Responsibilities & Procedures. A.16.1 Management of Information Security Incidents and Improvements It’s objective is to ensure a clear and successful strategy, including communication on security incidents and vulnerabilities, for information security incidents management. A.16.1.1 Responsibilities and Procedures Control- In order to ensure a quick, efficient, and organized response to ISO 27001 Annex : …

ISO 27001 Annex : A.16 Information Security Incident Management Read More »

ISO 27001 Annex : A.15.2 Supplier Service Delivery Management

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

ISO 27001 Annex : A.15.2 Supplier Service Delivery Management It’s objective is to maintain, in compliance with supplier agreements, an agreed level of information security and delivery of service. A.15.2.1 Monitoring and Review of Supplier Services Control- Organizations shall monitor, review and audit the provision of service to suppliers on a regular basis. Implementation Guidance – Monitoring and review of supplier services will ensure respect for the terms and conditions of information security of the …

ISO 27001 Annex : A.15.2 Supplier Service Delivery Management Read More »

ISO 27001 Annex : A.15.1.2 Addressing Security Within Supplier Agreements & A.15.1.3 Information and Communication Technology Supply Chain

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

In this article explain ISO 27001 Annex : A.15.1.2 Addressing Security Within Supplier Agreements & A.15.1.3 Information and Communication Technology Supply Chain this controls. A.15.1.2 Addressing Security Within Supplier Agreements Control- Any suppliers that view, process, store, communicate or provide IT infrastructure component information for the organization should be defined and agreed with all applicable information security requirements. Implementation Guidance- Supplier agreements should be defined and recorded so that the organization and the supplier do …

ISO 27001 Annex : A.15.1.2 Addressing Security Within Supplier Agreements & A.15.1.3 Information and Communication Technology Supply Chain Read More »

ISO 27001 Annex : A.14.3 Test data

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

ISO 27001 Annex : A.14.3 Test data its objective is to ensure that data used for research are secured. A.14.3.1 Protection of test data Control – Careful collection, security, and review of test data should be performed. Implementation Guidance – It should be avoided the use of operational information containing personal information or any other confidential information for test purposes. Where personal information or otherwise confidential information for testing purposes is used, all sensitive information …

ISO 27001 Annex : A.14.3 Test data Read More »

ISO 27001 Annex : A.14.1.3 Protecting Application Services Transactions

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

Control- ISO 27001 Annex : A.14.1.3 Protecting Application Services Transactions in order to avoid incomplete transmission, misrouting, unauthorized messaging modification, unauthorized dissemination, unauthorized message replication, or replay, information concerning application service transactions should be covered. Implementation Guidance – The following should include information security considerations for application service transactions: The use by each party involved in the transaction of electronic signatures; All transaction aspects, i.e. making sure: All parties’ information about the user’s secret authentication …

ISO 27001 Annex : A.14.1.3 Protecting Application Services Transactions Read More »

ISO 27001 Annex : A.12.7 Information Systems Audit Considerations

Leave a Comment / ISO 27001 La, Knowledge Base / By Tushar Panhalkar

ISO 27001 Annex : A.12.7 Information Systems Audit Considerations Its objective is minimizing the impact on operating systems of audit activities. A.12.7.1 Information Systems Audit Controls Control- The audit criteria and activities related to operating system verification should be carefully prepared and decided in order to reduce business process disturbance. Implementation Guidance – It is necessary to follow the following guidance: audit standards for access to systems and data should be negotiated with appropriate management; …

ISO 27001 Annex : A.12.7 Information Systems Audit Considerations Read More »

Examine Evidence files using SQL Server Management Studio and ApexSQL DBA

Understand Laws and Regulations

Introduction of Event Logs Analysis

ISO 27001 Annex : A.17.1.3 Verify, Review and Evaluate Information Security Continuity

ISO 27001 Annex : A.16 Information Security Incident Management

ISO 27001 Annex : A.15.2 Supplier Service Delivery Management

ISO 27001 Annex : A.14.3 Test data

ISO 27001 Annex : A.14.1.3 Protecting Application Services Transactions

ISO 27001 Annex : A.12.7 Information Systems Audit Considerations

Course Categories

Quick Menu

Contact us

Recent Posts

Find Us Here