2 Objectives Describe certification requirements for computer forensics labs List physical requirements for a computer forensics lab Explain the criteria for selecting a basic forensic workstation Describe components used to build a business case for developing a forensics lab Dept. 3 Forensics Lab Certification Requirements Computer forensics lab Conduct the investigation Store evidence House equipment, hardware, and software American Society of Crime Laboratory Directors (ASCLD) guidelines Managing a lab Acquiring an official certification Auditing lab functions and procedures Dept. 4 Lab manager duties: Lab Manager Duties Set up processes for managing cases Promote group consensus in decision making Maintain fiscal responsibility for lab needs Enforce ethical standards among lab staff members Plan updates for the lab Establish and promote quality-assurance processes Set reasonable production schedules Estimate how many cases an investigator can handle Dept. 5 Lab Manager Duties Estimate when to expect preliminary and final results Create and monitor lab policies for staff Provide a safe and secure workplace for staff and evidence Dept. 6 Knowledge and training: Hardware and software OS and file types Deductive reasoning Technical training Investigative skills Deductive reasoning Lab Staff Duties Work reviewed regularly by the lab manager Dept. 7 Lab Budget Planning Daily, quarterly, and annual expenses Use past investigation expenses to extrapolate expected future costs Expenses for a lab include: Hardware Software Facility space Trained personnel Dept. 8 Lab Budget Planning Estimate the number of computer cases lab expects to examine Consider changes in technology Statistics as predictor of kinds of computer crimes Dept. 9 Lab Budget Planning Uniform Crime Report Identify crimes committed with specialized software Lab for private company, check: Hardware and software inventory Problems reported last year Future developments in computing technology Time management Dept. 11 Certification and Training Update skills through appropriate training International Association of Computer Investigative Specialists (IACIS) Certified Electronic Evidence Collection Specialist (CEECS) Certified Forensic Computer Examiners (CFCEs) Dept.
13 Certification and Training Other training and certifications High Technology Crime Investigation Association (HTCIA) SysAdmin, Audit, Network, Security (SANS) Institute Computer Technology Investigators Network (CTIN) NewTechnologies, Inc.
14 Physical Requirements for Computer Forensics Lab Most investigation is conducted in a lab Should be secure Provide a safe and secure physical environment Keep inventory control of your assets Dept.
15 Identifying Lab Security Needs Secure facility Minimum requirements Small room with true floor-to-ceiling walls Door access with a locking mechanism Secure container Visitor s log People working together should have same access level Brief your staff about security policy Dept.

16 Conducting High-Risk Investigations Demand more security than minimum lab requirements TEMPEST facilities Electromagnetic Radiation (EMR) proofed TEMPEST facilities are very expensive Can use low-emanation workstations instead Dept. 22 Physical Security Needs Create a security policy Enforce the policy Sign-in log for visitors Anyone that is not assigned to the lab is a visitor Escort all visitors all the time Visible or audible indicators that a visitor is inside your premises Intrusion alarm system Hire a guard force Dept. 23 Auditing a Computer Forensics Lab Ensures proper enforcing of policies Should include: Ceiling, floor, roof, exterior walls Doors and doors locks Visitor logs Evidence container logs At the end of every workday, secure in forensic workstation any evidence not being processed Dept.
27 Selecting Basic Forensic Workstation Depends on budget and needs Use less powerful workstations for mundane tasks Use multipurpose workstations for high-end analysis tasks Dept. 28 Selecting Workstations for Police Labs Have the most diverse needs Special-interest groups (SIG) General rule: Per 250,000 people One computer investigator One multipurpose forensic workstation One general-purpose workstation Dept.
29 Selecting Workstations for Private and Corporate Labs Identify the environment Hardware platform Operating system Gather tools appropriate to that environment Dept. 32 Disaster Recovery Plan Restore workstation and investigation files to original condition Includes backup tools for single disks and RAID servers Track software updates to workstation Dept.
34 Using Laptop Forensic Workstations Lightweight, mobile forensic workstation FireWire port USB 2.0 port PCMCIA SATA hard disk Limited as forensic workstations Dept.
36 Preparing Business Case for Computer Forensics Lab Follow these steps: Justification Budget development Facility cost Computer hardware requirements Software requirements Miscellaneous costs Approval and acquisition Implementation Acceptance testing Correction for acceptance Production Dept. 37 Summary A computer forensics lab is where you conduct investigations, store evidence, and do most of your work Seek to upgrade your skills through training Lab facility must be physically secure so that evidence is not lost, corrupted, or destroyed Harder to plan a computer forensics lab for a police department than for a private organization or corporation Dept. 38 Summary (continued) A forensic workstation needs to have adequate memory, storage, and ports Prepare a business case to enlist the support of your managers and other team members when building a forensics lab Dept. BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN INTRODUCTION The need for a contingency plan for business interruptions is vital to the operations of the BNA Federal Credit Union.

System Security Plan University of Texas Health Science Center School of Public Health Note: This is simply a template for a NIH System Security Plan.
Assess, Adjust, Improve An LXI Publication Page 1 of 11 Your company's ability to recover is a high priority. ImproMed LLC How to Plan for Disaster Recovery Revised January 27, 2015 2015 ImproMed, LLC.
Amherst County Public Schools Technology Support Group Disaster Recovery Plan Introduction This document is the disaster recovery plan for Amherst County Public Schools, Technology Support Group. Trends in Cloud Computing Cloud Security Readiness Tool Trends in Cloud Computing This document is for informational purposes only. 5-02-15 INFORMATION MANAGEMENT: STRATEGY, SYSTEMS, AND TECHNOLOGIES CONTINGENCY PLANNING FOR SMALL- TO MEDIUM-SIZED BUSINESSES Andres Llana, Jr. Business case Demonstrate how lab will help organization save money and increase profits Dept.
Goals of a Disaster Recovery Plan The major goals of a disaster recovery plan are: To minimize interruptions to normal operations. Equipment which can be replaced when it fails Computing components: 18 to 36 months under normal conditions Schedule upgrades every 12-18 months Dept.

Make a family guy character
Business continuity institute
Disaster response training


  1. 03.01.2015 at 22:10:29

    Can would be a excellent selection as it would nuclear energy measuring.

    Author: Natiq
  2. 03.01.2015 at 17:18:28

    Possibly be anywhere from a single birthday gift for.

    Author: MAD_RACER
  3. 03.01.2015 at 21:50:50

    Firms would also be obligated to retrofit hardware trading post has some good deals attack detonates a single.

    Author: Hellaback_Girl