9 OTHER TECHNICAL ASPECTS

In this chapter the reader will gain an understanding of the important aspects of incident investigation and how the forensic evidence may be preserved. They will learn about the basic concepts of and uses of cryptography.

INVESTIGATIONS AND FORENSICS

We have already mentioned that, even in organisations with very effective governance, there will be occasions on which it is necessary to investigate activity and use forensic techniques to discover and preserve evidence for later use. Some of this has already been described in previous chapters and the reader will be referred back to that material where appropriate. It is advisable to read the section on ‘Security incident management’ in Chapter 3 if you have not already ...

Get Information Security Management Principles - Second edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.