Exam Essentials

Be able to identify the key steps in a forensics investigation. The key steps are the three A's: acquire the evidence, authenticate the evidence, and analyze the evidence. These are the primary steps of a forensics process.

Be able to explain a chain of custody. The chain of custody involves documenting and recording every act involved in the preservation and collection of evidence. Each activity should be logged in order to show that the evidence was always under the control of an authorized individual in the investigation.

Be able to explain the principles involved in preserving evidence. The preservation of evidence is a critical component of an investigation or legal process. Evidence should be stored in an environment that is appropriate for it, and electronic media should be stored under environmental conditions suited to the type of media. Failing to do this may damage the evidence or render it unusable in an investigation.

Be able to explain the principles used in the collection of evidence. Evidence collection requires that all participants keep notes on what events occurred, how evidence was collected, and who was given custody of the evidence. This helps establish a chain of custody, and it helps investigators keep facts and events straight. This information would likely be used in a legal proceeding. These notes may not be usable if the investigator is called as a witness. This information should be reviewed before testifying.

Be able to explain the process used to educate an organization about security issues. The four major aspects of a security management policy are communications, user awareness, education, and online resources. Communication should be regular and help the organization make decisions about security requirements and threats. A user-awareness program helps individuals in an organization understand how to implement policies, procedures, and technologies to ensure effective security. A wealth of online information is available to help you learn about current trends in the field. One of your primary responsibilities should be staying current on threats and trends.

Be able to explain the elements of documentation needed to maintain an effective security management program. The documentation that an organization needs to develop for an effective security management process includes numerous policies.

The collection of these policies is based upon the best practices in the industry, and they provide a comprehensive guide for developing an effective security policy.



CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
EAN: 2147483647
Year: 2006
Pages: 167
