The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?
A.
Well established and defined digital forensics process
B.
Establishing Enterprise-owned Botnets for preemptive attacks
C.
Be able to retaliate under the framework of Active Defense
Importance of Digital Forensics:A well-documented forensics process ensures evidence is collected, preserved, and analyzed in a manner admissible in court.
Key Forensic Activities:
Maintain chain of custody for evidence.
Ensure proper documentation and storage of digital artifacts.
Use industry-standard tools for analysis.
Why Not Other Options:
B. Establishing Enterprise-owned Botnets: Illegal and unethical.
C. Retaliation under Active Defense: Often violates laws and escalates conflicts.
D. Collaboration with law enforcement: Important but secondary to having solid forensic processes.
EC-Council CISO Alignment:A robust forensics process aligns with legal standards and ensures the organization is prepared for successful prosecution of attackers.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit