Explain the need for using established procedures for acquiring data after an attack or intrusion incident, and list some resources that address these needs.?

What will be an ideal response?


Following standard procedures is essential to ensure that all compromised systems have been found and to ascertain attack methods in an effort to prevent them from happening again. Procedures must be based on an organization's needs and should complement the network infrastructure.?To address these needs, NIST created "Guide to Integrating Forensic Techniques into Incident Response". In addition the paper "Identifying Critical Features for Network Forensics Investigation Perspectives" explores network investigations from the perspectives of the military, law enforcement, and industry.

Computer Science & Information Technology

You might also like to view...

A lambda expression begins with a parameter list and is followed by the ________ lambda operator and an expression that represents the lambda’s body.

a) -> b) => c) :^) d) =)

Computer Science & Information Technology

List the four questions that are in all threat assessments.

What will be an ideal response?

Computer Science & Information Technology

As a digital forensic investigator, which of the following statements define a valid piece of evidence?

a. A digital audio recorder b. A sticky note with a bunch of gibberish written on it c. Where the mouse is positioned on the desk d. A flash drive e. All of the other answers are correct.

Computer Science & Information Technology

Computers of the Future

What will be an ideal response?

Computer Science & Information Technology