Chapter 41

Cyber Forensics and Incidence Response

Cem Gurkok     Terremark Worldwide, Inc., Miami, FL, United States

Abstract

Listening to the news on a daily basis, it has become evident that it is a matter of when rather than if any given computing device will be compromised. What really matters is how fast one responds to the compromise to mitigate loss and to prevent future incidents. To be able to react with speed, proper plans and procedures need to be implemented beforehand, and tested on a regular basis for preparedness. Part of the response process is to investigate and understand the nature of the compromise. Cyber forensics is an integral part of incident response that fills this role. It is a form of forensic science whose aim is to identify, ...

Get Computer and Information Security Handbook, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.