Forensics Team Policies and Procedures
The forensics team should always follow a structured documented process, wherein the content of the items to be investigated needs to be preserved, validated, and documented. Any investigation must be understood at the onset as to its dimensions, scope, and investigative methods which are best based upon proven techniques, such as proper and legal collection of evidence and obtaining proper bit-stream “hash encrypted” copies of evidence.
Keywords
Forensics policies; reporting
The forensics team should always follow a structured documented process, wherein the content of the items to be investigated needs to be preserved, validated, and documented. Any investigation must be understood at the onset ...
Get Computer Incident Response and Forensics Team Management now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
