Thou shalt not use a computer to harm other people. 2

864
Chapter 19 
■
Investigations and Ethics
Summary
Information security professionals must be familiar with the investigation process. This 
involves gathering and analyzing the evidence required to conduct an investigation. Security 
professionals should be familiar with the major categories of evidence, including real 
evidence, documentary evidence, and testimonial evidence. Electronic evidence is often 
gathered through the analysis of hardware, software, storage media, and networks. It is 
essential to gather evidence using appropriate procedures that do not alter the original evi-
dence and preserve the chain of custody.
Computer crimes are grouped into several major categories, and the crimes in each cat-
egory share common motivations and desired results. Understanding what an attacker is 
after can help in properly securing a system.
For example, military and intelligence attacks are launched to acquire secret information 
that could not be obtained legally. Business attacks are similar except that they target civilian 
systems. Other types of attacks include financial attacks (phone phreaking is an example of a 
financial attack) and terrorist attacks (which, in the context of computer crimes, are attacks 
designed to disrupt normal life). Finally, there are grudge attacks, the purpose of which is to 
cause damage by destroying data or using information to embarrass an organization or per-
son, and thrill attacks, launched by inexperienced crackers to compromise or disable a sys-
tem. Although generally not sophisticated, thrill attacks can be annoying and costly.
The set of rules that govern your personal behavior is a code of ethics. There are sev-
eral codes of ethics, from general to specific in nature, that security professionals can use 
to guide them. The (ISC)
2
makes the acceptance of its Code of Ethics a requirement for 
certification.
Exam Essentials

Download 19,3 Mb.

Do'stlaringiz bilan baham: