Evidence Handling and Administration
An integral part of every incident response is collecting evidence of what happened. Evidence is necessary to identify what happened, the scope of the incident, the extent of the effect, and the source of the incident. Evidence collection is critical to each investigation and can provide the basis for pursuing legal remedies and prosecution after the incident has been resolved. Understanding how to properly conduct evidence collection and handling is fundamental to properly handling incidents and laying a solid foundation for any future legal action.
Get Ethical Hacking: Techniques, Tools, and Countermeasures, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
