From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Conducting investigations
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Conducting investigations
- [Instructor] During the course of their work, information security professionals often find themselves involved in various types of investigations. In some cases, these investigations are led by security teams in response to suspected or actual security incidents. In other cases, the investigation is led by another group, and security professionals are asked to contribute evidence and expertise. There are four main types of investigations that often involve cybersecurity professionals. These are administrative investigations, criminal investigations, civil investigations, and regulatory investigations. Administrative investigations are internal investigations that an organization undertakes. They may be done for many different reasons. One of the most common reasons for an administrative investigation is to investigate operational issues related to the organization's technology infrastructure. For example, a service…
Contents
-
-
-
-
-
-
(Locked)
Conducting investigations5m 7s
-
(Locked)
Evidence types3m 51s
-
(Locked)
Introduction to forensics4m 6s
-
(Locked)
System and file forensics4m 17s
-
(Locked)
File carving3m 1s
-
(Locked)
Creating forensic images5m 36s
-
Digital forensics toolkit3m 13s
-
(Locked)
Operating system analysis6m 25s
-
Password forensics8m 9s
-
(Locked)
Network forensics4m 50s
-
(Locked)
Software forensics3m 32s
-
(Locked)
Mobile device forensics1m 32s
-
(Locked)
Embedded device forensics2m 50s
-
(Locked)
Chain of custody2m 13s
-
(Locked)
Ediscovery and evidence production3m 15s
-
(Locked)
-