Evan Anderson
IS3350
Security Issues in Legal Context
Unit 10 (August 16, 2016)
Risk Analysis, Incident Response, and Computer Forensics
Learning Objectives
- Explain the importance of forensics examination in legal proceedings.
- Identify risk analysis and incident response procedures.
Key Concepts
- Risk analysis
- Incident response procedures
- Disaster recovery plans
- Cybercrime investigations
Assigned Reading
- Grama, Chapter 14. “Risk Analysis, Incident Response, and Contingency Planning”
- Grama, Chapter 15. “Computer Forensics and Investigations”
- SC Magazine: DiskFiltration attack uses acoustics to infiltrate air-gapped computers
- SC Magazine: Iran investigating possible cyber angle on oil fires
- SC Magazine: London police turn to private law firms to tackle cybercrime
Keywords
- Computer forensics
- Computer investigation techniques
- Computer forensics examiner
- Chain of custody
- Digital evidence recovery
- Access Data’s Forensic Tool Kit (FTK)
- Guidance Software's EnCase
- Risk analysis
- Incident response
- Risk management procedures
- Incident response team
- Corporate security policy
- Risk mitigation
Assignments and Study Materials
- Unit 10 Lecture Slides
- Discussion 10.1: Computer Forensics
- Lab 10.2: Case Study in Computer Forensics – Pharmaceutical Company
- Assignment 10.3: Executive Summary on Computer Forensics Suites
Questions and Feedback
Use the form below to ask questions or provide feedback about the concepts covered during Unit 10's session of class: