From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Ediscovery and evidence production
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Ediscovery and evidence production
- [Instructor] Cybersecurity professionals often find themselves called upon to participate in electronic discovery efforts that result from legal actions involving their firms. When organizations are involved in legal disputes they have an obligation to preserve evidence related to that dispute and produce it in response to a legitimate legal order. We'll talk about three major steps in the electronic discovery process: preservation, collection, and production. When an organization receives notice of potential litigation, the first step they should take is the issuance of a litigation hold to individuals and departments that may have electronic or paper records relevant to the dispute. This usually takes the form of a memo sent to those individuals and departments informing them of the potential litigation and instructing them that they are required to preserve any records related to the dispute. It's important to remember…
Contents
-
-
-
-
-
-
(Locked)
Conducting investigations5m 7s
-
(Locked)
Evidence types3m 51s
-
(Locked)
Introduction to forensics4m 6s
-
(Locked)
System and file forensics4m 17s
-
(Locked)
File carving3m 1s
-
(Locked)
Creating forensic images5m 36s
-
Digital forensics toolkit3m 13s
-
(Locked)
Operating system analysis6m 25s
-
Password forensics8m 9s
-
(Locked)
Network forensics4m 50s
-
(Locked)
Software forensics3m 32s
-
(Locked)
Mobile device forensics1m 32s
-
(Locked)
Embedded device forensics2m 50s
-
(Locked)
Chain of custody2m 13s
-
(Locked)
Ediscovery and evidence production3m 15s
-
(Locked)
-