WGU - C702 Forensics and Network Intrusion

Document Content and Description Below

1. Aspects of Organizational Security: IT Security; Physical Security; Financial Security; Legal Security; 2. IT Security: Consists of: Application security; Computing security: Data security: ... Information security; Network security; 3. Application Security [IT Security]: Applications should be secured to over- come security weaknesses, vulnerabilities, and threats. Any loopholes in Web-based and other custom applications serve as opportunities for attackers. 4. Computing Security [IT Security]: Computers should be secured from threats like viruses, Trojans, and intruders. organizations must have an effective securi- ty policy which involves security management, systems engineering, protection against insider threats, and general workplace policies, standards, guidelines, and procedures. 5. Data Security [IT Security]: important information about the organization. It is important to secure data to avoid any manipulation of data, data loss, or threats to data secrecy. Any change in the identity of data or any loss of data causes a huge amount of damage, financial loss, and loss of goodwill for the organization. 6. Information Security [IT Security]: Securing information protects information and information systems from illegal access, use, modification, or destruction. It ensures confidentiality, integrity, and availability of data. 7. Network Security [IT Security]: Networks are used to send important and private data from one system to another. Networks should be secured for safe transfer of data. Damage to the network makes the data transfer vulnerable and may crash the system. 8. Physical Security: Consists of: Facilities security: Human security: Border security; Biometric security; 9. Facilities Security [Physical Security]: Facilities and an organization's equip- ment should be properly and highly secured. Damage to facilities can cause physical harm such as a system crash or power failure. 10. Human Security [Physical Security]: The employees of an organization should be given security awareness training and be involved in the entire business security process in order to gain their trust and acceptance of the security policy. Ignoring human security concerns can cause employees to leave, leading to loss of business. 11. Financial Security: Consists of: Security from frauds; Phishing attacks; Botnets; Threats from cyber criminals; Credit card fraud; 12. Security from fraud [Financial Security]: To function properly and negate losses, an organization must be financially secure from both internal and external threats. Security breaches may be caused by data manipulations, system vulner- abilities and threats, or data theft. 13. Legal Security: Consists of: National security; Public security; Defamation; Copyright information; Sexual harassment; 14. National security [Legal Security]: National security is threatened if there are any governmental problems, improper management, economic slowdown, or other nationwide issues. 15. Public Security [Legal Security]: Public security is threatened if there are any internal riots, strikes, or clashes among the people of the country. 16. Forensic Readiness: involves an organization having specific incident re- sponse procedures in place, with designated trained personnel assigned to handle any investigation. It enables an organization to collect and preserve digital evidence in a quick and efficient manner with minimal investigation costs 17. First Responder:: Is responsible for protecting, integrating, and preserving the evidence obtained from the crime scene. The first responder must investigate the crime scene in a lawful matter so that any obtained evidence will be acceptable in a court of law 18. Computer Forensics or Forensic Computing:: Computer forensics is the application of investigation and analysis techniques to gather and preserve evi- dence from a particular computing device in a way that is suitable for presentation in a court of law. 19. Computer Forensics [goals]: The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it 20. Forensic Investigator:: an Investigator who helps organizations and law en- forcement agencies in investigating and prosecuting cyber crimes. He is responsi- ble for the acquisition, identification, preservation, documentation and the creation of an image back-up [bit by bit] of the evidence without affecting or changing same 21. Forensic Science:: It's the application of physical sciences to law in search for truth in civil, criminal, and social behavioral matters for the purpose of ensuring injustice shall not be done to any member of society 22. Network Forensics:: Network Forensics is the capturing, recording, and analysis of network events in order to discover the source, path and Intrusion techniques of security attacks 23. Chain of Custody:: A method for documenting the history and possession of a sample from the time of collection, though analysis and data reporting, to its final disposition 24. Bit Stream copy:: A bit by bit copy of the original storage medium and or evidence 25. Ext3:: Ext3 or third extended file system, is a journaled file system that is commonly used by the Linux kernel. It is the default file system for many popular Linux distributions 26. Logical block addressing [LBA]:: used for specifying the location of blocks of data stored on computer storage devices such as hard disks. LBA is a particularly simple linear addres [Show More]

Last updated: 2 years ago

Preview 1 out of 15 pages