Policy And Privacy Concepts Flashcards
Incident response
A set of procedures an investigator follows when examining a security incident
Chain of custody
Documents everyone who come in contract with the evidence
Copy of drive (data integrity, and preservation)
Copy every single bit of information, not just the files
Bit-for-bit copy
Byte-for-byte copy
Use hashes for integrity
Document the findings
For internal use, legal proceedings, etc
Summary of what happened
Detail of data acquisition
Analysis of data
Conclusions 
Valid license can be…
Per-seat (specific users only)
Concurrent (any 10 people can use it)
Non-expired licenses
Subscription based For a duration
Personal licenses
Usually perpetual
For a single user or device
Corporate use license
Per seat / site license
Annual renewal
Free and open source software
(FOSS)
Freely available
Closed source software
Source code is private
Example:
What you buy from Microsoft
End user licensing agreement
(EULA)
Determines how the software can be used
Terms of service
Payment card industry
data security standard 
(PCI DSS)
A standard for protecting credit cards
How places where you use your card keep your info safe
Personal government Issued information

Used for government services and documentation
Social Security number, drivers license etc
personally identifiable information PII
Protected health information
PHI 
Health information is private
HIPAA
Data retention requirements
Keep files that change frequently for version control
Recover from virus infection
Legal requirements for data retention 
.bat (Batch file)
Windows inside of command prompt
.ps1 (PowerShell)
(Automates the OS)
Used inside of windows powershell
Uses cmdlets (Command-lets)
System administration
Active Directory
.vbs Visual Basic Script
(Automates applications)
General purpose
Windows desktop
Inside Windows applications
.sh Shell Script
Unix / Linux shell
Command line
.js Java Script
Scripting for web browsers
.py Python
Any OS command line
Basic automation
Automate task
Scripts are fast
Automate restarting machines
Application updates
Security patches
Troubleshooting
Automate remapping network drives 
Can be done with .bat or .ps1
