Discuss a strategy for an maintaining up-to-date understanding of the capability of the forensics process.
What will be an ideal response?
There are several strategies to maintaining up-to-date understanding of the capability of the forensics process. One is based on routine reviews. At regular intervals, such as quarterly or semi-annually, all relevant forensics procedures, protocols, and technologies are reviewed to ensure their effectiveness against corporate goals. A second method is to institute rigorous change management control into the forensic process itself. In that respect, the reviews and tests that are done as part of the evaluation of the correctness of the change ensure that the components of the forensics process always remain up to date and valid. This latter approach eliminates any time lag that might take place between significant system changes and updates to the forensic process and its technologies.
You might also like to view...
Consider classes A, B and C, where A is an abstract superclass, B is a concrete class that inherits from A and C is a concrete class that inherits from B. Class A declares abstract method originalMethod, implemented in class B. Which of the following statements is true of class C?
a. Method originalMethod cannot be overridden in class C—once it has been implemented in concrete class B, it is implicitly final. b. Method originalMethod must be overridden in class C, or a compilation error will occur. c. If method originalMethod is not overridden in class C but is called by an object of class C, an error occurs. d. None of the above.
Unlike logic errors, syntax errors are much more difficult to find because they do not trigger an error message from the Code Editor.
Answer the following statement true (T) or false (F)
Codes are:
A) used in GUI programs to ensure that codes keyed by the user are valid. B) used in a validation program to ensure that only valid codes have been entered. C) printed in reports. D) displayed on screens. E) All of the above.
What is a means to ensure that endpoint devices can interact with the Internet while minimizing risk of system compromise?
A. Only use encrypted communication protocols. B. Use strong authentication. C. Use a virtualized OS. D. Implement a weekly backup.