Forensic Investigation

Determine-the-Database-Evidence-Repositories-and-collect-the-evidence-files

Determine the Database Evidence Repositories & Collect the Evidence files

Leave a Comment / CHFI / By

Determine the Database Evidence Repositories & collect the evidence files in this Sources that provide the valuable information are at times overlooked by the investigators. For instance, in intellectual property cases, databases containing finance related data are the prime targets for attackers to damage databases. In such case, source code repositories, knowledge management systems, and document management systems may provide better insights to the investigator to a suspected breach. Thus, investigators will be able to …

Determine the Database Evidence Repositories & Collect the Evidence files Read More »

Linux-Forensics

Linux Forensics

Leave a Comment / CHFI, Knowledge Base / By

Linux forensics refers to performing forensic investigation on a Linux operated device. To do so, the investigators should have a good understanding on the techniques required to conduct live analysis; to collect volatile and non-volatile data, along with knowledge of various shell commands and the information they can retrieve. The investigators should also be aware of the Linux log files, their storage and location in the directory, as they are the most important sources of information …

Linux Forensics Read More »

Understand-Static-Data-Acquisition

Understand Static Data Acquisition

Leave a Comment / CHFI, Knowledge Base / By

Understand Static Data Acquisition in this refer to the non-volatile data, which does not change its state after the system shut down. Static data acquisition refers to the process of extracting and gathering the unaltered data from storage media. Sources of non-volatile data include hard drives, DVD-ROMs, USB drives, flash cards, smart-phones, external hard drives, etc. This type of data exists in the form of emails, word processing documents, web activity, spreadsheets, slack space, swap …

Understand Static Data Acquisition Read More »

ISO-27001-Annex-A.16.1.5-Response-to-Information-Security-Incidents

ISO 27001 Annex : A.16.1.5 Response to Information Security Incidents, A.16.1.6 Learning from Information Security Incidents & A.16.1.7 Collection of Evidence

Leave a Comment / ISO 27001 La, Knowledge Base / By

In this article explain ISO 27001 Annex : A.16.1.5 Response to Information Security Incidents, A.16.1.6 Learning from Information Security Incidents & A.16.1.7 Collection of Evidence this controls. A.16.1.5 Response to Information Security Incidents Control- In the context of the documented procedures, information security incidents should be responded to. Implementation Guidance- A nominated point of contact and other pertinent people within the organization or external parties should be able to respond to information security incidents. The …

ISO 27001 Annex : A.16.1.5 Response to Information Security Incidents, A.16.1.6 Learning from Information Security Incidents & A.16.1.7 Collection of Evidence Read More »

Forensic-Investigation-Analysis

Forensic Investigation Analysis

Leave a Comment / CTIA / By

Forensic Investigation Forensic Investigation Analysis is an Incident response team arrived at the client site and discovered that an employee’s machine was infected with malware and was sending out emails to everyone in the victim’s address book. In situations like these, the usual response is to start a traditional forensic investigation in which the investigators pore over the infected machine for malicious code samples. Then, specialists place the potentially malicious code in a protected sandbox …

Forensic Investigation Analysis Read More »

What-is-Incident-Management?

What is Incident Management?

Leave a Comment / CTIA / By

Incident Management Incident management is a set of defined processes to identify, analyze, prioritize, and resolve security incidents to restore the system to normal service operations as soon as possible, and prevent further recurrence of the incident. It involves not only responding to incidents, but also triggering alerts to prevent potential risks and threats. Security administrator must identify software that is open to attacks before someone takes advantage of the vulnerabilities. IT incident management is …

What is Incident Management? Read More »