In this conclusion of a two-part article, Oliver Rist covers what you need to know to develop a forensic-based response plan, evidence handling and documentation, and forensic tools and intrusion detection.
Articles by Oliver Rist
The science of finding, gathering, analyzing and documenting any sort of evidence is typically defined as 'forensics.' That discipline has branched off into a new specialty, that of 'computer forensics.' Network managers and corporate security teams don't need to be dedicated computer forensics specialists, but they do need to be at least acquainted with the edges of this discipline in order to effectively interact with law enforcement officials at the 'scene' of a computer crime. Oliver Rist reports.