Assignment writing rules Essay

A computer forensic investigation has three phases. List what they are and describe the activities that happen in each phase. The three phases of computer forensic investigations are; acquire the evidence, authenticate the evidence, and analyze the evidence. In acquiring the evidence the data is collected. Authenticating the evidence a chain of custody is used for the evidence to ensure TTS trustworthiness.

Finally in analyzing the evidence the data is viewed and if need be a copy of the evidence can be created. 3. Following a serious incident, post-mortem review meetings are conducted to review what happened. Describe how the CIRRI post-mortem review helps mitigate risk. A CIRRI plan identifies the tasks each individual team has, therefore during the review they may input critical information so that when a problem of the same category presents itself there could be steps in plan to help mitigate the response. 4. NIST SP 800-61 describes three models you can use for a CIRRI.

We will write a custom essay sample on
Assignment writing rules
specifically for you for only $13.9/page
Order now

List the three models and describe how they function. Critical incident response team: May be used by organizations with one location, or have a single team that can cover multiple locations. Distributed incident response teams: If an organization has multiple locations this will be used, but the team at headquarters will have control of all the say at each location. Coordinating team: Senior personnel, who provide advice to other teams, but don’t have any authority over the team.

Haven’t Found A Paper?

Let us create the best one for you! What is your topic?

By clicking "SEND", you agree to our terms of service and privacy policy. We'll occasionally send you account related and promo emails.

Eric from Graduateway Hi there, would you like to get an essay? What is your topic? Let me help you

logo

Haven't found the Essay You Want?

Get your custom essay sample

For Only $13.90/page