Enterprise Investigation Flashcards
Can you identity the potential challenges when dealing with the following?
A large corporation (300+ employees)
A multinational corporation (presence in more than one country)
Offsite data backups
Cloud-based services
In house software and custom applications
Vendor appliances (custom firewalls, etc)
Industry specific investigations (ex. Mining, shipping, supply chain, pharmaceutical, retail)
Enterprise Networks
Email servers
File servers
Accounting systems
Sales and payment systems (including front-end point of sale)
Industrial control systems (ICS or SCADA)
Security systems (physical and IT including IDS, IPS, SIEM)
System management (Windows Active Directory and LDAP systems)
Web servers and other web application infrastructure
Databases
Printers and print queues
Backup and storage management systems
End-user machines and smartphones (BYOD is a nightmare!)
Mainframes or other super computing infrastructure
Clouds (public and private)
PBX and other phone systems
Helpdesk, monitoring, proxy, QoS systems
Developer and IT Security test environments and labs