TAILIEUCHUNG - CISSP: Certified Information Systems Security Professional Study Guide 2nd Edition phần 9

cấu hình hệ thống đánh giá chức năng của các mục tiêu của nhà sản xuất cho mỗi phần cứng và phần mềm Chấp nhận kết quả thử nghiệm để chứng minh hệ thống máy tính thực thi chính sách an ninh D. quá trình xác định giao tiếp an toàn giữa các máy 3. | 530 Chapter 17 Law and Investigations Conducting the Investigation If you elect not to call in law enforcement you should still attempt to abide by the principles of a sound investigation to ensure the accuracy and fairness of your inquiry. It is important to remember a few key principles Never conduct your investigation on an actual system that was compromised. Take the system offline make a backup and use the backup to investigate the incident. Never attempt to hack back and avenge a crime. You may inadvertently attack an innocent third party and find yourself liable for computer crime charges. If in doubt call in expert assistance. If you don t wish to call in law enforcement contact a private investigations firm with specific experience in the field of computer security investigations. Normally it s best to begin the investigation process using informal interviewing techniques. These are used to gather facts and determine the substance of the case. When specific suspects are identified they should be questioned using interrogation techniques. Again this is an area best left untouched without specific legal advice. Summary Computer security necessarily entails a high degree of involvement from the legal community. In this chapter you learned about a large number of laws that govern security issues such as computer crime intellectual property data privacy and software licensing. You also learned about the procedures that must be followed when investigating an incident and collecting evidence that may later be admitted into a court of law during a civil or criminal trial. Granted computer security professionals can not be expected to understand the intricate details of all of the laws that cover computer security. However the main objective of this chapter is to provide you with the foundations of that knowledge. The best legal skill that a CISSP candidate should have is ability to identify a legally questionable issue and know when to call in an attorney who .

TỪ KHÓA LIÊN QUAN
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.