4.6 – Incidents & Regulations Flashcards
- Chain of Custody
o Chronological documentation
o Paper trail – sequence
o Control
o Transfer
o Analysis
o Disposition of materials [physical & electronic evidence]
- Inform management / police as necessary
- Copy of drive [data integrity & preservation]
Bit-by-bit copy = copies every sector, including deleted data
- Documentation of incident
Information about the incident
- Licensing
o Licensing / DRM = digital rights management
—Protects from copying
—Software / DVD / Blu-ray
o EULA = End user license agreement
o Valid licenses
o Non-expired licenses
o Personal use licenses vs corporate use licenses
o Open-source licenses
- Regulations
o Regulated data
—Credit card transactions
—Payment Card Industry Data Security Standard
———Information security standard for organizations that handle branded credit cards
—Personal government-issued information
- PII = Personally Identifiable Information
o Personal information about you
o Address, credit card number, social security number
o GDPR = General Data Protection Regulation
—An EU law on data protection & privacy in the EU & the European Economic Area
- Healthcare Data
o Medicine / disease
o HIPAA = Health Insurance Portability & Accountability Act
o Covers healthcare info: how personally identifiable info maintained by the healthcare & insurance industries should be protected
- Data Retention Requirements
How long to hold the data [usually defined by law]