Section 13

Management of Forensics Evidence Handling

The “Chain of Custody” and various techniques and practices for controlling evidence are discussed. The criteria for successful use of gathered information and data in order to become court-admissible evidence are delineated in this section.

Keywords

Chain of custody; evidence handling

The Security Incident Response and Forensics Team (SIR&FT) Manager is responsible for the control, management, and guidance in the use of, storage or and handling of all evidence gathered during any investigation, incident response, and examination under his control. This requires him to place strong controls in place for the gathering of evidence, storage of evidence, maintaining the chain of custody documents of ...

Get Computer Incident Response and Forensics Team Management now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Computer Incident Response and Forensics Team Management by Leighton Johnson

Management of Forensics Evidence Handling

Keywords

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly