Liknande böcker
Computer Forensics: A Pocket Guide : a pocket guide
Bok av Nathan Clarke
How would your organisation cope with a cyber attack? Pinpoint and close vulnerabilities using effective computer forensics!
The primary purpose of computer forensics is to enable organisations to pinpoint where the malware has infected their computer systems and which files have been infected, so that they can close the vulnerability. More and more organisations have realised that they need to acquire a forensic capability to ensure they are ready to cope with an information security incident.
This pocket guide illustrates the technical complexities involved in computer forensics, and shows managers what makes the discipline relevant to their organisation. For technical staff, the book offers an invaluable insight into the key processes and procedures that are required.
Benefits to business include:
* Defend your company effectively against attacks
By developing a computer forensic capability, your organisation will be better prepared to defend itself in the event of a cyber attack. Surveys of the threat landscape have indicated a significant upswing of insider activity. Forensics within the organisation can be used to identify possible insider misuse of systems or information. In addition, this pocket guide looks at how you can optimise your IT infrastructure so as to enhance the efficiency of incident analysis. This will also minimise the operational impact on your computer systems in the event that a forensic analysis is required.
* Be proactive
Being proactive does not just mean making sure your organisations IT infrastructure is one that can support forensic analysis of incidents. Forensics is now no longer merely a tool to identify what has gone wrong: it can also be used as a mechanism for alerting you to the fact that something has gone wrong. Being proactive therefore implies stepping up your organisations ability to detect attacks. Detection of attacks is an extremely useful attribute for your organisation to have: the sooner you know about the problem, the sooner you can begin to deal with it.
* Secure evidence that will stand up in court
Undertaking forensics is not a simple task. It is not always possible to understand the true consequences of insider misuse until after completion of the investigation. Once the extent of the damage becomes clear, you may want to exercise the option of taking legal action against the perpetrator. This means that it is essential for you to follow correct procedure, so as to safeguard any evidence gathered. This book explains the key steps you need to take to maintain the integrity of the investigation and preserve the evidence.
* Counter encryption
Encryption is a double-edged sword. Encryption has a legitimate purpose as a tool deployed by information security professionals. However, the opportunity to conceal data has obvious attractions for the criminal, meaning that en...