Policy And Privacy Concepts Flashcards
Incident response
A set of procedures an investigator follows when examining a security incident
Chain of custody
Documents everyone who comes in contact with the evidence
Copy of drive (data integrity, and preservation)
Copy every single bit of information, not just the files
Bit-for-bit copy
Byte-for-byte copy
Use hashes for integrity
Document the findings
For internal use, legal proceedings, etc.
Summary of what happened
Detail of data acquisition
Analysis of data
Conclusions 
Valid license can be…
Per-seat (specific users only)
Concurrent (any 10 people can use it)
Non-expired licenses
Subscription-based, for a duration
Personal licenses
Usually perpetual
For a single user or device
Corporate use license
Per seat / site license
Annual renewal
Free and open source software
(FOSS)
Freely available
Closed source software
Source code is private
Example:
What you buy from Microsoft
End user licensing agreement
(EULA)
Determines how the software can be used
Terms of service
Payment Card Industry Data Security Standard
(PCI DSS)
A standard for protecting credit cards
How places where you use your card keep your info safe
Personal government-issued information

Used for government services and documentation
Social Security number, driver's license, etc.
Personally identifiable information (PII)
Protected health information
PHI 
Health information is private
HIPAA
Data retention requirements
Keep files that change frequently for version control
Recover from virus infection
Legal requirements for data retention 
.bat (Batch file)
Runs inside the Windows Command Prompt
.ps1 (PowerShell)
(Automates the OS)
Used inside Windows PowerShell
Uses cmdlets (Command-lets)
System administration
Active Directory
.vbs Visual Basic Script
(Automates applications)
General purpose
Windows desktop
Inside Windows applications
.sh Shell Script
Unix / Linux shell
Command line
.js JavaScript
Scripting for web browsers
.py Python
Any OS command line
Basic automation
Automate tasks
Scripts are fast
Automate restarting machines
Application updates
Security patches
Troubleshooting
Automate remapping network drives 
Can be done with .bat or .ps1
Automate installation of applications

Batch, PowerShell, or shell in Linux
Automate backups
Self-explanatory
Automate gathering info or data
Use scripts to be able to gather information or data from various systems across your network 
Automate updates 
Operating systems
Device drivers
Applications
3 Scripting considerations 
Introduce malware
Changing system settings
Cause crashes
Boolean
Data with only two possible values
True or false 
Pseudocode 
Made-up coding language
Integer
Can only store a whole number
Float / decimal / real number
Variable that stores a decimal number 
Character
Can only store an ASCII character
String
Can store multiple characters
Constant
Cannot be changed inside the program once defined 
Loop types
For loop (for a certain number)
While loop (while something is happening)
Do loop (only stops when a condition is met)
While loop checks when?
Before it's run
Do loop runs when?
After the loop is run at least once