Definitons

  • Computer Assistet Crime Computer is used as a tool to carry out the crime
  • Computer Targeted Crime Computer is the victim of the crime
  • Computer is Intidential to the Crime Computer was not central to the commission of the crime
  • Script Kiddies Hacker that don't have the skill to hack on their own
  • Advanced Persistent Threat Custom designed malicious code built specifically for the intended target
  • Safe Harbour Requirements Non-Europeans doing business with Europeans must adhere to these requirements for data privacy:
    • Notice
    • Choise
    • Onward Transfer
    • Security
    • Data Integrity
    • Access
    • Enforcement
  • The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies is a multilateral export control regime with 42 participating states including many former Comecon countries
  • Types of Legal Systems
    • Civil Law is codified. Countries with civil law systems have comprehensive, continuously updated legal codes that specify all matters capable of being brought before a court, the applicable procedure, and the appropriate punishment for each offense.
    • Common law is generally uncodified. This means that there is no comprehensive compilation of legal rules and statutes. While common law does rely on some scattered statutes, which are legislative decisions, it is largely based on precedent, meaning the judicial decisions that have already been made in similar cases.
    • Customary Law is the most important law in their lives, controlling areas of their lives like their marriages, their property, and their right to inherit. But some customary laws discriminate and make people vulnerable to HIV and AIDS.
    • Religious law refers to ethical and moral codes taught by religious traditions. Examples include Christian canon law, Islamic sharia, Jewish halakha, and Hindu law.
    • Intellectual Property Law
    • Trade Secret Law
    • Copyright Law protect the rights of an author. Computer Programms are literary works
    • Trademark Law
    • Patent Law 20 years, must be novel, must be useful, must be not obvious
    • Software Piracy
  • Personal Identifiable Information (PII)
  • Basel II Dertermines the actual exposure to risk of each financial institution
  • Due Care means that a company did all that is could responsibly do to prevent security breaches
  • Due Diligence means that the company investigated and properly identified possible vulnerabilities and weaknesses
  • Responsibility Obligations and expected actions of a particular party
  • Accountability is the ability to hold a party responsible for certain actions
  • Proximate Cause an act or omission that produces a consequence
  • Incident Management hat the goal to contain and mitigate any damage caused by an incident and to prevent any further damage
  • Incident Response Procedure
    1. Triage
    2. Investigation
    3. Containment
    4. Analysis Root cause analysis, report to management
    5. Tracking
    6. Recovery
  • Computer Forensics is a science that is focused on all domains in witch evidence is in a digital or electronic form
  • Forensics Investigation Proess
    1. Identification What kind of evidence we are finding
    2. Preservation Make sure that the evidence is secured, preserved
    3. Collection Safely collect the evidence
    4. Examination Forensically examine the evidence
    5. Analysis
    6. Presentation
    7. Decision
  • Primary Image Digital evidence as collected
  • Working Image Copy of the evidence to be used for analysis
  • Where is volatile data found?
    • Register and Cache
    • Process Tables
    • ARP Cache
    • System Memory
    • Temporary File Systems
    • Special Disk Sectors
  • Chain of Custody of Evidence refers to the chronological documentation or paper trail that records the sequence of custody, control, transfer, analysis, and disposition of physical or electronic evidence
  • Lifecycle of Evidence
    • Collection and Identification
    • Storage, preservation and transportation
    • Presentation in court
    • Return of evidence to owner
  • Typens of Evidence
    • Best Evidence Primary evidence used in a trial because it provides the most reliability
    • Secondary Evidence Oral copies of original documents
    • Direct Evidence Can prove fact all by itself and does not need any backup information
    • Conclusive Evidence Cannot be contracted
    • Circumstantial Evidence Can provide an intermediate facts that an then be used to deduce or assume the existence of another fact
    • Corroborative Evidence Supporting evidence used to help provide an idea or point
    • Opinion Evidence The opinion rule says that witnesses must testify to only the fact of the issue and not their opinion of the facts
    • Heresy Evidence Second-Hand evidence hat has no first-hand proof of accuaracy or reliability
  • Exigent Circumstances If there is an impending possiblility that evidence may be destroyed law enforcement may act o seize the evidence in order to prevent its destruction
  • Enticement Is legal and ethical, give someone the oppurtunity to make a bad decision
  • Entrapment Is illegal, ticking someone into making a bad decision
  • Attack Types
    • Salam Attack Commit serveral small crimes in the hope that the larger crime goes unnoticed
    • Data Diddling Altering existing data
    • Passwort Sniffing
    • IP Spoofing
    • Dumpster Diving
    • Wire-Tapping
    • Cyber Squatting
  • (ISC)2 Code of Ethics
    • Protect Society, the common good, necessary public trust and confidence
    • Act honorably, honestly, justly, responsibly and legally
    • Provide diligent and competent service to principals
    • Advance and protect the profession