User Account

All Pages

Evidence collection policy

Assignment Help Basic Computer Science
Reference no: EM132548948

Scenario

After the recent security breach, Always Fresh decided to form a computer security incident response team (CSIRT). As a security administrator, you have been assigned the responsibility of developing a CSIRT policy that addresses incident evidence collection and handling. The goal is to ensure all evidence collected during investigations is valid and admissible in court.

Consider the following questions for collecting and handling evidence:

1. What are the main concerns when collecting evidence?

2. What precautions are necessary to preserve evidence state?

3. How do you ensure evidence remains in its initial state?

4. What information and procedures are necessary to ensure evidence is admissible in court?

Tasks

Create a policy that ensures all evidence is collected and handled in a secure and efficient manner.

Remember, you are writing a policy, not procedures. Focus on the high-level tasks, not the individual steps.

Address the following in your policy:

1. Description of information required for items of evidence.

2. Documentation required in addition to item details (personnel, description of circumstances, and so on)

3. Description of measures required to preserve initial evidence integrity.

4. Description of measures required to preserve ongoing evidence integrity.

5. Controls necessary to maintain evidence integrity in storage.

6. Documentation required to demonstrate evidence integrity.

Reference no: EM132548948

Questions Cloud

Discuss the potential customers for product-service : Develop a product service idea. Discuss the potential customers for this product/service.
Effect of culture on teams : Review one academically reviewed articles on how cultures affect team management. Develop power presentation based on the article.
Organization invests in data systems : Why do vendors have such an arrogant position about their technology once an organization invests in a data systems.
Security improvements for Always Fresh IT environment : One of the security improvements for the Always Fresh IT environment is to ensure all workstations and servers run secure applications.
Evidence collection policy : What are the main concerns when collecting evidence? What precautions are necessary to preserve evidence state?
Configuring desktop and system security : Essentially, it is a document that serves as a guide to configuring a desktop / system security.
Business intelligence-what is deep learning : What is deep learning? What can deep learning do that traditional machine-learning methods cannot?
Leveraging erm to practice strategic risk management : Do believe that risk is a two-sided coin with both upside gains and downside losses? Do you believe that ERM will continue to evolve, and if so, how?
Alternative techniques assignment : Define and provide an example of Rule Coverage and Accuracy. Describe what is used to separate data in Support Vector Machines.

Reviews

Write a Review

Basic Computer Science Questions & Answers

  How to use the input validation

Requirement Determine if a word is a palindrome Using a cloulread in a word chaster by character Store each character in its own node.

  Cpi rating for the processor

The L1 miss penalty is 40 cycles and the L2 miss penalty is 400 cycles. What would be the effective (i.e., average) CPI rating for the processor with these cache miss rates?

  Determine whether or not the two conditions are equivalent

Determine whether or not the two conditions are equivalent - that is, whether they will be true or false for exactly the same values of the variables appearing in them.

  Discuss the team dynamics for a highly effective

Discuss the team dynamics for a highly effective or ineffective team of which you were a member. Can you explain why the team performed so well or so poorly?

  Create your own function that accepts one input parameter

Using Pseudocode, create your own function that accepts one input parameter and returns a float number. You decide the theme.

  Abstract mandatory-cyber attacks on critical infrastructures

ABSTRACT Mandatory-Cyber attacks on Critical Infrastructures. Try the literature reviews to have an idea how your literature review should look like.

  Same product appears as advertisement in your social media

You may have noticed that when you look at products on a search engine, that same product appears as an advertisement in your social media

  What are the levels of physical security

What is physical security? What are the levels of physical security? What are physical barriers and how they coincide with physical security?

  Demonstrate use of array

Make a simple program (to demonstrate use of array) that asks a user to type in numbers and keep typing in numbers until one of two things happen

  Component of a corporation global business strategy

With globalization, information technology has become a key component of a corporation's global business strategy.

  Building secure web applicatns

Do some research on Threat Response software. Find one particular software package to investigate. What kind of training is required?

  Calculate the probability that a known drug user

a. Calculate the probability that a known drug user will test positive. b. Calculate the probability that a known non-drug user will test negative.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd