TY  - BOOK
AU  - Johnson,Leighton R.
TI  - Computer incident response and forensics team management: conducting a successful incident response 
SN  - 9781597499965 (alk. paper)
U1  - 658.478 23
PY  - 2014///
CY  - Amsterdam, Boston
PB  - Elsevier, Syngress
KW  - Computer crimes
KW  - Investigation
KW  - Evidence, Criminal
KW  - Forensic sciences
N1  - 
CONTENTS

Introduction 
Definitions 
The stages of incident response 
methodology#1
methodology#2
post incident activity

The security incident response team members 
types of technical skills needed
types of personal skills needed

Incident evidence 

Incident response tools

Incident response policies and procedures

Legal requirements and considerations 
privacy
ethics
investigation guidelines

Governmental laws, policies and procedures 
US Government
Canadian government
EU

Forensics process 
prepare
identify
preserve
select
e.tc

Forensics team member requirements 
member criteria
member expertise
member certification

Forensics team policies and procedures 
forensics analysis process
data collection
chain of custody
e.tc

Management of forensics evidence handling 
chain of evidence
US Federal rules of civil procedure
UK Civil procedure rules
e.tc

Forensics tools 
types of forensic tools
tools for specific operating systems and platforms
e.tc

Legalities of forensics 
reasons for legal, statutory and regulatory compliance
US criteria, laws and regulations
e.tc

Forensics team oversight 
investigator's code of conduct
use of templates for information recording

General team management
external considerations
general team management
corporate IT-related security relationship
relationship management
conclusion
Corporate it management 
Relationship management 
Conclusion; Includes bibliographical references and index P. 329-334
ER  -