Compare and contrast how in information security, most operations focus on policiesthose documents that provide managerial guidance
Question:
Compare and contrast how in information security, most operations focus on policies—those documents that provide managerial guidance for ongoing implementation and operations. In digital forensics, however, the focus is on procedures instead.
Establish an understanding that strong procedures for handling evidentiary material minimize the chance an organization would lose a legal challenge.
Outline the core components of specific procedures and how to use these with regard to evidence-based practices:
Who may conduct an investigation
Who may authorize an investigation
What affidavits and related documents are required
What search warrants and related documents are required
What digital media may be seized or taken offline
What methodology should be followed
What methods are required for chain of custody or chain of evidence
What format the final report should take, and to whom it should it be given
Explain how the policy document should be supported by a procedures manual, developed based on the documents discussed earlier, along with guidance from law enforcement or consultants.
Step by Step Answer:
Principles Of Information Security
ISBN: 9780357506431
7th Edition
Authors: Michael E. Whitman, Herbert J. Mattord