Index_E

Earthquake threat, 22

E-commerce, 191

merchants, 216

one-stop shopping, 389

sites, attacker invading, 219

Web sites, auditing of, 214

Economic espionage, 343

Economic Espionage Act, 62

ECPA, see Electronic Communications Privacy Act

Electronic communications, privacy of, 55

Electronic Communications Privacy Act (ECPA), 5, 58

Electronic evidence, means of collecting, 367

Electronic media, 50

Electronic privacy statement, 60

E-mail

accounts, size of, 54

attachments, 56

employees opening, 41

viruses executed through, 23

attorney-client, 65

backing up of, 53

client communications using, 64

confidentiality of, 55

deletion of, 53

delivery, 464

discovery, 376

employee, 15, 224

encrypted, 57

forwarded, 56

good, 52

headers, 288, 292

interior network handling, 94

message

employee filing of in personal folders, 394

priority, 56

naming conventions, 177

PIN, 404

policy

risks of, 51

violation, 46

privacy policies, 57

processing, 288

retention policy, 55

services, Web-based, 323

signatures, 56

spelling and grammar, 56

unsolicited, 63

Web-based, 224

Embezzlement, 159, 354

Emergency

assessment, information collected during, 237

management team, 35

operation(s)

center (EOC), 34

plans, 33

sub-team, 35

processes, 34

recovery processes, 34

Employee(s)

behavior

policy information, most-valuable source of, 15

reasons for monitor, 59

copyright concerns, 61

e-mail, 15, 224

feedback, 323

fraud controls, 355

Internet activity logs, 225

IT, 105

labor organization, 63

monitoring best practices, 396

polygraphs, 397

privacy, 57, 391

policy, 91

rights, 248

training, 388

responsibility for entry methods, 67

security awareness training, 153

software installation, 68, 69

termination, 107

trade secrets and, 62

training, 108

business recovery processes, 35

disaster recovery, 34

emergency processes, 34

evacuation, 34

notification process, 34

orientation, 34

promotion, 34

relocation procedures, 35

salvage operations, 35

standardized, 33

working at home, 59

EnCase, 270, 271, 285

law enforcement agency use of, 285

string search capability of, 306

EOC, see Emergency operations center

Error messages, accidental, 194

Espionage, 343

Ethereal, 503

Eudora, 224, 246

European Commissions Directive on Data Protection, 405

European Union Data Protection Directive, 406

Event logs, creation of, 70

Evidence, 356

collection, 121, 260

flowcharts, 126

homework, 122

interviews, 121, 122, 123, 124

questionnaires, 125-126

taking care of stakeholders, 127

common mistakes when handling, 263

computer, examination of, 262

definition of, 260

electronic, means of collecting, 367

e-mail as, 372

examination, 296

autocomplete entries in Registry, 299

changing user passwords, 298

chronology of events, 307

cracking user passwords, 299

going native, 298

good places for evidence, 300

legal cautions, 307

logical file review in, 297

looking at relevant files, 306

looking for specific words, 306

offline log reviews, 305

partitions, 302

partition status, 302

password-protected and encrypted files, 303

print spooler files, 303

Recycle Bin, 300

Windows NT logging, 304

Windows operating systems, 296

Windows Registry, 299

good places for, 300

live-time, 296

prioritization, 261

recovery, 81

steps to follow when collecting, 268

tags, 265

writing over, 263

Exposure value, 5