The next three sections explore the fascinating topic of computer and IT forensics. We begin by making the distinction between incident response and forensics. Forensics is concerned with the collection of evidence in preparation of going to court in order to seek prosecution of the bad guys. The overriding concern during this phase is ensuring that the gathered evidence is not altered due to the collection and analysis processes! In addition to all personnel involved with evidence collection and analysis being properly trained and qualified, there are five rules of evidence that must be strictly adhered to: 1. Must be authentic 2. Must be accurate 3. Must be complete 4. Must be convincing 5. Must be admissible
They are responsible for knowing where a network's possible vulnerabilities are and providing mitigation strategies to combat them. An effective Cyber Security Operations Manager will have experience in a technical security role including ...