(ISC)² CISSP® Official Study Guide, Eighth Edition


Reporting and Documenting Investigations



(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Every investigation you conduct should result in a final report that documents the goals of
the investigation, the procedures followed, the evidence collected, and the final results of
the investigation. The degree of formality behind this report will vary based upon the
organization’s policy and procedures, as well as the nature of the investigation.
Preparing formal documentation is very important because it lays the foundation for 
escalation and potential legal action. You may not know when an investigation begins (or 
even after it concludes) that it will be the subject of legal action, but you should prepare for 
that eventuality. Even internal investigations into administrative matters may become part 
of an employment dispute or other legal action. 
It’s a good idea to establish a relationship with your corporate legal personnel and the
appropriate law enforcement agencies. Find out who the appropriate law enforcement
contacts are for your organization and talk with them. When the time comes to report an
incident, your efforts at establishing a prior working relationship will pay off. You will spend
far less time in introductions and explanations if you already know the person with whom
you are talking. It is a good idea to identify, in advance, a single point of contact in your
organization that will act as your liaison with law enforcement. This provides two benefits.
First, it ensures that law enforcement hears a single perspective from your organization
and knows the “go-to” person for updates. Second, it allows the predesignated contact to
develop working relationships with law enforcement personnel.
One great way to establish technical contacts with law enforcement is to
participate in the FBI’s InfraGard program. InfraGard exists in most major
metropolitan areas in the United States and provides a forum for law
enforcement and business security professionals to share information in a
closed environment. For more information, visit www.infragard.org.


Major Categories of Computer Crime 
There are many ways to attack a computer system and many motivations to do so.
Information system security practitioners generally put crimes against or involving
computers into different categories. Simply put, a computer crime is a crime (or violation
of a law or regulation) that involves a computer. The crime could be against the computer,
or the computer could have been used in the actual commission of the crime. Each of the
categories of computer crimes represents the purpose of an attack and its intended result.
Any individual who violates one or more of your security policies is considered to be an
attacker. An attacker uses different techniques to achieve a specific goal. Understanding the
goals helps to clarify the different types of attacks. Remember that crime is crime, and the
motivations behind computer crime are no different from the motivations behind any other
type of crime. The only real difference may be in the methods the attacker uses to strike.
Computer crimes are generally classified as one of the following types:
- Military and intelligence attacks
- Business attacks
- Financial attacks
- Terrorist attacks
- Grudge attacks
- Thrill attacks
It is important to understand the differences among the categories of computer crime 
to best understand how to protect a system and react when an attack occurs. The type and 
amount of evidence left by an attacker is often dependent on their expertise. In the following 
sections, we’ll discuss the different categories of computer crimes and the types of evidence 
you might find after an attack. This evidence can help you determine the attacker’s actions 
and intended target. You may find that your system was only a link in the chain of network 
hops used to reach the real victim, making the trail harder to follow back to the true attacker.
