
E-book: Implementing Digital Forensic Readiness: From Reactive to Proactive Process

(CISSP-ISSAP, CCFP, CSSLP, SSCP, EnCE, Director Security Forensics & Civil Investigations, Scotiabank)
  • Format: PDF+DRM
  • Publication date: 29-Feb-2016
  • Publisher: Syngress Media, U.S.
  • Language: eng
  • ISBN-13: 9780128045015
  • Price: 50,49 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has released this e-book in encrypted form, which means you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (a free application made specifically for reading e-books; it is not to be confused with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Implementing Digital Forensics Readiness: From Reactive to Proactive Process shows information security professionals how to increase operational efficiencies by implementing a proactive approach to digital forensics in their organization. The book begins by showing how digital forensics aligns strategically within an overall information security program. It shows how the proper collection, preservation, and presentation of digital evidence is essential for reducing potential business impact as a result of digital crimes, disputes, and incidents. It also explains how every stage in the digital evidence lifecycle impacts the integrity of data, and how to properly manage digital evidence throughout the entire investigation. Using a digital forensic readiness approach and preparedness as a business goal, the book consists of administrative, technical, and physical actions to enhance the use of digital evidence. Implementing Digital Forensics Readiness: From Reactive to Proactive Process shows how to document the available systems and logs as potential digital evidence sources.
The book shows how gap analysis can be used where digital evidence is not sufficient, and the importance of monitoring data sources in a timely manner so that digital evidence can identify and detect incidents and events as they occur. Implementing Digital Forensics Readiness: From Reactive to Proactive Process offers a set of standard operating procedures to document how an evidence-based presentation of digital evidence should be made, and concludes with how to consult legal resources for reviewing digital evidence.
  • Explores the training needed to ensure competent performance of the handling, collecting, and preservation of digital evidence
  • Discusses the importance of how long-term data storage must take into consideration confidentiality, integrity, and availability of digital evidence
  • Emphasizes how incidents identified through proactive monitoring can be reviewed in terms of business risk
  • Includes learning aids such as chapter introductions, objectives, summaries, and definitions

Other information

This comprehensive book shows information security professionals how to implement a proactive approach to digital forensics in their organization
Preface
Introduction
About the Author
Acknowledgments
SECTION A DIGITAL FORENSICS
Chapter 1 Understanding Digital Forensics
Introduction
History of Digital Crime and Forensics
Prologue (1960–80)
Infancy (1980–95)
Childhood (1995–2005)
Adolescence (2005–15)
The Future (2015 and Beyond)
Digital Forensics Overview
Why Is It Important?
Legal Aspects
Collecting Digital Evidence
Volatile Data
Nonvolatile Data
Order of Volatility
Types of Forensic Investigations
Digital Forensic Resources
Summary
Taxonomy
Chapter 2 Investigative Process Models
Introduction
Existing Process Models
Digital Forensic Readiness Model
Summary
Chapter 3 Evidence Management
Introduction
Evidence Rules
Preparation
Information Security Management
Digital Forensic Team
Lab Environment
Hardware and Software
Gathering
Operating Procedures
Processing
Presentation
Summary
Resources
Taxonomy
SECTION B DIGITAL FORENSIC READINESS
Chapter 4 Understanding Forensic Readiness
Introduction
Digital Forensics and Information Security
Proactive Activities
Reactive Activities
What Is Forensic Readiness?
Cost and Benefit of Forensic Readiness
Cost Assessment
Benefits
Implementing Forensic Readiness
Summary
Taxonomy
Chapter 5 Define Business Risk Scenarios
Introduction
What Is Business Risk?
Forensic Readiness Scenarios
Scenario #1 Reducing the Impact of Cybercrime
Scenario #2 Validating the Impact of Cybercrime or Disputes
Scenario #3 Producing Evidence to Support Organizational Disciplinary Issues
Scenario #4 Demonstrating Compliance With Regulatory or Legal Requirements
Scenario #5 Effectively Managing the Release of Court Ordered Data
Scenario #6 Supporting Contractual and/or Commercial Agreements
Scenario Assessment
Summary
Taxonomy
Chapter 6 Identify Potential Data Sources
Introduction
What Is a Data Source?
Background Evidence
Foreground Evidence
Cataloging Data Sources
Phase #1 Preparation
Phase #2 Identification
Phase #3 Deficiencies
External Data Considerations
Data Exposure Concerns
Forensics in the System Development Life Cycle
Summary
Taxonomy
Chapter 7 Determine Collection Requirements
Introduction
Precollection Questions
Evidence Collection Factors
Time
Metadata
Cause and Effect
Correlation and Association
Corroboration and Redundancy
Storage Duration
Storage Infrastructure
Data Security Requirements
Summary
Taxonomy
Chapter 8 Establish Legal Admissibility
Introduction
Legal Admissibility
Preservation Challenges
Preservation Strategies
Administrative Controls
Technical Controls
Physical Controls
Summary
Resources
Taxonomy
Chapter 9 Establish Secure Storage and Handling
Introduction
Secure Storage Attributes
Least Privilege Access
End-to-End Cryptography
Integrity Checking
Physical Security
Administrative Governance Foundations
Personnel
Evidence Storage
Evidence Handling
Incident and Investigation Response
Assurance Controls
Backup and Restoration Strategies
Near Real-Time Data Replication
Data Replication
Data Restoration From Online Backup Media
Data Restoration From Off-line Backup Media
Summary
Taxonomy
Chapter 10 Enable Targeted Monitoring
Introduction
What is (Un)Acceptable Activity?
Traditional Security Monitoring
Modern Security Monitoring
Analytical Techniques
Misuse Detection
Anomaly Detection
Specification-Based Detection
Implementation Concerns
Summary
Taxonomy
Chapter 11 Map Investigative Workflows
Introduction
Incident Management Lifecycle
Integrating the Digital Forensic Readiness Model
Incident Handling and Response
Phase #1 Preparation
Phase #2 Respond
Phase #3 Restore
Phase #4 Learn
Investigation Workflow
Summary
Taxonomy
Chapter 12 Establish Continuing Education
Introduction
Education and Training
Awareness
Basic Knowledge
Functional Knowledge
Specialized Knowledge
Digital Forensic Roles
Balancing Business Versus Technical Learning
Summary
Chapter 13 Maintain Evidence-Based Reporting
Introduction
Importance of Factual Reports
Types of Reports
Creating Understandable Reports
Arranging Written Reports
Inculpatory and Exculpatory Evidence
Summary
Taxonomy
Chapter 14 Ensure Legal Review
Introduction
Technology Counseling
Laws and Regulations
IT Law
Cyber or Internet Law
Computer Law
Obtaining Legal Advice
Constraints
Disputes
Employees
Liabilities
Prosecution
Communication
Summary
Resources
Taxonomy
Chapter 15 Accomplishing Forensic Readiness
Introduction
Maintain a Business-Centric Focus
Do Not Reinvent the Wheel
Understand the Costs and Benefits
Summary
Taxonomy
SECTION C APPENDICES
Appendix A Investigative Process Models
Appendix B Education and Professional Certifications
Appendix C Tool and Equipment Validation Program
Appendix D Service Catalog
Appendix E Cost–Benefit Analysis
Appendix F Building Taxonomy
Appendix G Risk Assessment
Appendix H Threat Modeling
Appendix I Data Warehouse Introduction
Appendix J Requirements Analysis
Appendix K Investigative Workflow
SECTION D TEMPLATES
Template A Test Case Document
Template B Investigator Logbook
Template C Chain of Custody Tracking Form
Template D Investigative Final Report
Template E Service Catalog
Template F Business Case Document
Template G Net Present Value
Template H Threat/Risk Assessment Report
Template I Data Source Inventory Matrix
Template J Project Charter Document
Template K Requirements Specification Document
Bibliography
Index
Jason has over a decade of experience in digital forensic investigations, secure software development, and information security architecture. He currently manages a team of forensic investigators and data breach analysts for The Bank of Nova Scotia, commonly known as Scotiabank, Canada's third largest and most international bank. Throughout his career, Jason has performed hundreds of digital forensic investigations involving enterprise servers, network logs, smart phones, and database systems. Complementary to his technical experience, he has also developed and maintained processes and procedures, managed large information security budgets, and governed the negotiation of third-party contracts. In addition to his professional career, Jason serves as a contributing author and content moderator for DarkReading, is a subject matter expert for (ISC)² professional exam development, and volunteers as an advocate for CyberBullying prevention and CyberSecurity awareness. He holds several Information Security and Digital Forensic certifications, including Certified Information Systems Security Professional - Information Systems Security Architecture Professional (CISSP-ISSAP), Certified Cyber Forensics Professional (CCFP), Certified Secure Software Lifecycle Professional (CSSLP), Systems Security Certified Practitioner (SSCP), and EnCase Certified Examiner (EnCE).