Auditing and Digital Forensics
Digital Forensics: Application of computer science and investigative procedures involving the examination of digital evidence.
Example: More on Digital Forensics
Must follow proper search authority, chain of custody, validation with mathematics, use of validated tools, repeatability, reporting, expert testimony.
Incident Response: Mitigation of violations of security policies and recommended practices.
Security Policies: Set of criteria for the provision of security services.
- Defines objectives and constraints of the security program at several levels.
Remember — Security policies should be normally stated so that everyone can understand what's expected of them.
SIEM: Stands for "Security Information and Event Management/Monitoring Systems".
Security software that compiles security information and events.
- Alerts security analysts to threats and vulnerabilities.
- Handles data from network, database, logs.
- Used to streamline security management.
Examples:
- Splunk
- IBM Qradar
- Microsoft Sentinel
Evaluation of an organization's information technology infrastructure.
- Includes security, data use, and management.
- Typically part of a company's risk management.
Internal v. External Audit Routines:
- Internal: About once a year
- External: Depends on the company (1 to 3 years is common)