Book description
Computer Incident Response and Forensics Team Management provides security professionals with a complete handbook of computer incident response from the perspective of forensics team management. This unique approach teaches readers the concepts and principles they need to conduct a successful incident response investigation, ensuring that proven policies and procedures are established and followed by all team members. Leighton R. Johnson III describes the processes within an incident response event and shows the crucial importance of skillful forensics team management, including when and where the transition to forensics investigation should occur during an incident response event. The book also provides discussions of key incident response components.
- Provides readers with a complete handbook on computer incident response from the perspective of forensics team management
- Identifies the key steps to completing a successful computer incident response investigation
- Defines the qualities necessary to become a successful forensics investigation team member, as well as the interpersonal relationship skills necessary for successful incident response and forensics investigation teams
Table of contents
- Cover image
- Title page
- Table of Contents
- Copyright
- Dedication
- About the Author
- Section 1. Introduction
- Section 2. Definitions
- Part 1: Incident Response Team
- Section 3. The Stages of Incident Response
- Section 4. The Security Incident Response Team Members
- Section 5. Incident Evidence
- Section 6. Incident Response Tools
- Section 7. Incident Response Policies and Procedures
- Section 8. Legal Requirements and Considerations
- Section 9. Governmental Laws, Policies, and Procedures
- Part 2: Forensics Team
- Section 10. Forensics Process
- Section 11. Forensics Team Requirements Members
- Section 12. Forensics Team Policies and Procedures
  - Forensics Analysis Process
  - Data Collection
  - Chain of Custody
  - Evidence Handling and Control
  - Evidence “Hand-over” to External Parties, LEO
  - Hardware Specific Acquisition—SIM Cards, Cell Phone, USB Storage, etc.
  - Data Type Acquisition—Audio Files, Video Files, Image Files, Network Files, Log Files
  - Investigation Process
  - Examination Process
  - Data Review
  - Research Requirements
  - Forensics Reporting
  - Analysis of Results
  - Expert Witness Process
- Section 13. Management of Forensics Evidence Handling
- Section 14. Forensics Tools
- Section 15. Legalities of Forensics
- Section 16. Forensics Team Oversight
- Part 3: General Management and Team
- Appendix A. References
- Appendix B. Relevant Incident Response and Forensics Publications from Governmental Agencies and Organizations
- Appendix C. Forensics Team Templates
- Index
Product information
- Title: Computer Incident Response and Forensics Team Management
- Author(s): Leighton R. Johnson III
- Release date: November 2013
- Publisher(s): Syngress
- ISBN: 9780124047259