Computer incident response and forensics team management : conducting a successful incident response /
Leighton R. Johnson, ; Mike Kessler, technical editor.
- xiii, 334 p. ; 24 cm.
CONTENTS
Introduction Definitions The stages of incident response methodology#1 methodology#2 post incident activity
The security incident response team members types of technical skills needed types of personal skills needed
Incident evidence
Incident response tools
Incident response policies and procedures
Legal requirements and considerations privacy ethics investigation guidelines
Governmental laws, policies and procedures US Government Canadian government EU
Forensics process prepare identify preserve select e.tc
Forensics team member requirements member criteria member expertise member certification
Forensics team policies and procedures forensics analysis process data collection chain of custody e.tc
Management of forensics evidence handling chain of evidence US Federal rules of civil procedure UK Civil procedure rules e.tc
Forensics tools types of forensic tools tools for specific operating systems and platforms e.tc
Legalities of forensics reasons for legal, statutory and regulatory compliance US criteria, laws and regulations e.tc
Forensics team oversight investigator's code of conduct use of templates for information recording
General team management external considerations general team management corporate IT-related security relationship relationship management conclusion Corporate it management Relationship management Conclusion.
Includes bibliographical references and index P. 329-334