TrabalhosGratuitos.com - Trabalhos, Monografias, Artigos, Exames, Resumos de livros, Dissertações
Pesquisar

Incidents and Ethics

Resenha: Incidents and Ethics. Pesquise 861.000+ trabalhos acadêmicos

Por:   •  1/6/2013  •  Resenha  •  504 Palavras (3 Páginas)  •  468 Visualizações

Página 1 de 3

732 Chapter 18  Incidents and Ethics

network send their log records to a centralized log server that is locked down against attack

and does not allow for the modifi cation of data. This technique provides protection from

post - incident log fi le cleansing. Administrators also often use digital signatures to prove

that log fi les were not tampered with after initial capture. For more on digital signatures,

see Chapter 10, “ PKI and Cryptographic Applications. ”

Another important forensic technique is to preserve the original evidence. Remember

that the very conduct of your investigation may alter the evidence you are evaluating.

Therefore, it ’ s always best to work with a copy of the actual evidence whenever possible.

For example, when conducting an investigation into the contents of a hard drive, make an

image of that drive, seal the original drive in an evidence bag, and then use the disk image

for your investigation.

As with every aspect of security planning, there is no single solution. Get familiar with

your system, and take the steps that make the most sense for your organization to protect it.

Reporting Incidents

When should you report an incident? To whom should you report it? These questions are

often diffi cult to answer. Your security policy should contain guidelines on answering both

questions. There is a fundamental problem with reporting incidents. If you report every

incident, you run the very real risk of being viewed as a noisemaker. When you have a

serious incident, you may be ignored. Also, reporting an unimportant incident could give

the impression that your organization is more vulnerable than is the case. This can have a

serious detrimental effect on organizations that must maintain strict security. For example,

daily incidents at your bank would probably not instill additional confi dence in their

security practices.

On the other hand, escalation and legal action become more diffi cult if you do not

report an incident soon after discovery. If you delay notifying authorities of a serious

incident, you will probably have to answer questions about your motivation for delaying.

Even an innocent person could look as if they were trying to hide something by not

reporting an incident in a timely manner.

As with most security topics, the answer is not an easy one. In fact, you are compelled

by

...

Baixar como (para membros premium)  txt (3.3 Kb)  
Continuar por mais 2 páginas »
Disponível apenas no TrabalhosGratuitos.com