Open AccessGuide to integrating forensic techniques into incident response
Author(s) -
Karen Kent,
Sébastien Chevalier,
T Grance,
H Dang
Publication year - 2006
Language(s) - English
Resource type - Reports
DOI - 10.6028/nist.sp.800-86
Subject(s) - outreach , nist , government (linguistics) , implementation , identification (biology) , computer science , engineering management , order (exchange) , information security , computer security , engineering , business , political science , software engineering , linguistics , philosophy , botany , finance , natural language processing , law , biology
This publication is intended to help organizations in investigating computer security incidents and troubleshooting some information technology (IT) operational problems by providing practical guidance on performing computer and network forensics. The guide presents forensics from an IT view, not a law enforcement view. Specifically, the publication describes the processes for performing effective forensics activities and provides advice regarding different data sources, including files, operating systems (OS), network traffic, and applications. The publication is not to be used as an all-inclusive step-by-step guide for executing a digital forensic investigation or construed as legal advice. Its purpose is to inform readers of various technologies and potential ways of using them in performing incident response or troubleshooting activities. Readers are advised to apply the recommended practices only after consulting with management and legal counsel for compliance concerning laws and regulations (i.e., local, state, Federal, and international) that pertain to their situation.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom