From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Ediscovery and evidence production
- Cyber security professionals often find themselves called upon to participate in electronic discovery efforts that result from legal actions involving their firms. When organizations are involved in legal disputes, they have an obligation to preserve evidence related to that dispute and produce it in response to a legitimate legal order. We'll talk about three major steps in the electronic discovery process: preservation, collection, and production. When an organization receives notice of potential litigation, the first step that should take place is the issuance of a legal hold to individuals and departments that may have electronic or paper records relevant to the dispute. This usually takes the form of a memo sent to those individuals informing them of the potential litigation and instructing them that they are required to preserve any records related to the dispute. Now it's important to remember that preservation…