CompTIA Security+ SY0-601 Cert Guide, 5th Edition

Chapter 30

Understanding the Key Aspects of Digital Forensics

This chapter covers the following topics related to Objective 4.5 (Explain the key aspects of digital forensics) of the CompTIA Security+ SY0-601 certification exam:

Documentation/evidence
- Legal hold
- Video
- Admissibility
- Chain of custody
Timelines of sequence of events
- Time stamps
- Time offset
Tags
Reports
Event logs
Interviews
Acquisition
- Order of volatility
- Disk
- Random-access memory (RAM)
- Swap/pagefile
- OS
- Device
- Firmware
- Snapshot
- Cache
- Network
- Artifacts
On-premises vs. cloud
- Right-to-audit clauses
- Regulatory/jurisdiction
- Data breach notification laws
Integrity
- Hashing
- Checksum
- Provenance
Preservation
- E-discovery
- Data recovery
- Non-repudiation
- Strategic intelligence/counterintelligence ...

Get CompTIA Security+ SY0-601 Cert Guide, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ SY0-601 Cert Guide, 5th Edition by Omar Santos, Ron Taylor, Joseph Mlodzianowski

Chapter 30

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly