
eBook - ePub
Implementing Digital Forensic Readiness
From Reactive to Proactive Process
- 374 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
About this book
Implementing Digital Forensic Readiness: From Reactive to Proactive Process shows information security and digital forensic professionals how to increase operational efficiencies by implementing a proactive approach to digital forensics throughout their organization. It demonstrates how digital forensics aligns strategically within an organization's business operations and information security program. This book illustrates how the proper collection, preservation, and presentation of digital evidence is essential for reducing potential business impact as a result of digital crimes, disputes, and incidents. It also explains how every stage in the digital evidence lifecycle impacts the integrity of data, and how to properly manage digital evidence throughout the entire investigation. Using a digital forensic readiness approach and preparedness as a business goal, the administrative, technical, and physical elements included throughout this book will enhance the relevance and credibility of digital evidence. Learn how to document the available systems and logs as potential digital evidence sources, how gap analysis can be used where digital evidence is not sufficient, and the importance of monitoring data sources in a timely manner. This book offers standard operating procedures to document how an evidence-based presentation should be made, featuring legal resources for reviewing digital evidence.
- Explores the training needed to ensure competent performance of the handling, collecting, and preservation of digital evidence
- Discusses the importance of how long-term data storage must take into consideration confidentiality, integrity, and availability of digital evidence
- Emphasizes how incidents identified through proactive monitoring can be reviewed in terms of business risk
- Includes learning aids such as chapter introductions, objectives, summaries, and definitions
Section C
Appendices
Introduction
Digital forensic readiness requires organizations to strategically integrate their business functions and processes with their administrative, technical, and physical information security controls to maximize the use of digital evidence while minimizing investigative costs. By doing so, organizations are in a much better position to proactively detect and deter security events before they escalate into a more serious incident or reactive investigation.
While not directly related to how the digital forensic discipline is practiced, the supplemental business functions and processes discussed in this section of the book are essential to successfully implementing digital forensic readiness. Using these business functions and processes as part of a digital forensic readiness program allows organizations to make much more appropriate and informed decisions about their business risks specific to digital forensic investigations.
In this section, the business functions and processes discussed throughout the book have been included as supplemental content to digital forensic readiness. While these materials can be used as part of the digital forensic readiness program, they have been included as stand-alone materials and can be referenced as independent functions and processes that can also be used in other contexts.
Appendix A: Investigative Process Models
Introduction
Ever since forensic science became an established component of digital forensics, there have been a number of suggested and proposed process models. As early as 1984, law enforcement agencies began developing processes and procedures around computer forensic investigations. This led to the determination that as a result of bypassing, switching, or not following correct processes, the investigation could result in incomplete or missed evidence.
To examine the specified process models, the components of each model have been standardized to describe the activities performed as part of the investigative workflow. The term “process model” is used to represent all activities included in the proposed investigative workflow. The term “phase” is used to represent the high-level components within the process model and the term “task” is used to represent the specific activity within the higher-level components.
There have been several digital forensic process models developed over the years, either to address a specific need, such as law enforcement, or with a generalized scope with the intention that the process model could be adopted universally. While there might be some process models absent from the table below, Table A.1 contains a chronological list of process models including a unique identifier, the author(s), the publication year, and the number of phases included in the model.
Process Models
It is important to note that inclusion of the process models in Table A.1 does not suggest that these are better or recommended over other models that were not included. The following sections further dissect all process models, identified in Table A.1, in greater detail to extract the phases and better understand how the process model is structured.
[M01] Computer Forensic Investigative Process (1995)
Consisting of four phases, this model was proposed as a means of assuring that evidence handling during a computer forensic investigation followed scientifically reliable and legally acceptable methodologies (Figure A.1).
- Acquisition requires that digital evidence is collected using acceptable methodologies only after receiving proper approval from authorities
- Identification interprets digital evidence and converts it into a readable human format
- Evaluation determines the digital evidence's relevancy to the investigation
- Admission documents relevant digital evidence for legal proceedings
Table A.1
Digital Forensic Process Models
| ID | Name | Author(s) | Year | Phases |
| --- | --- | --- | --- | --- |
| M01 | Computer Forensic Investigative Process | M. Pollitt | 1995 | 4 |
| M02 | Computer Forensic Process Model | US Department of Justice | 2001 | 4 |
| M03 | Digital Forensic Research Workshop Investigative Model (Generic Investigation Process) | Palmer | 200... |
Table of contents
- Cover image
- Title page
- Table of Contents
- Copyright
- Preface
- Introduction
- About the Author
- Acknowledgments
- Section A. Digital Forensics
- Section B. Digital Forensic Readiness
- Section C. Appendices
- Section D. Templates
- Bibliography
- Index
Frequently asked questions
Yes, you can access Implementing Digital Forensic Readiness by Jason Sachowski in PDF and/or ePUB format, as well as other popular books in Computer Science & Information Management. We have over one million books available in our catalogue for you to explore.