Chapter 6
Legal, Regulations, Investigations, and Compliance
Marcus K. Rogers, Ph.D., CISSP, CCCI-Advanced
Contents
Introduction  504
CISSP® Expectations  505
Major Legal Systems  506
  Common Law  507
    Criminal Law  508
    Tort Law  508
    Administrative Law  508
  Civil Law  509
  Customary Law  509
  Religious Law  510
  Mixed Law  510
Information Technology Laws and Regulations  510
  Intellectual Property Laws  511
    Patent  511
    Trademark  511
    Copyright  512
    Trade Secret  512
© 2010 by Taylor and Francis Group, LLC

504 ◾ Official (ISC)² Guide to the CISSP CBK
    Licensing Issues  512
  Privacy  513
  Employee Monitoring and Surveillance  516
  Liability  517
  Computer Crime  518
    International Cooperation  520
Incident Response  521
  Response Capability  522
  Incident Response and Handling  523
    Triage Phase  523
    Investigative Phase  524
    Containment  524
    Analysis and Tracking  525
  Recovery Phase  526
    Recovery and Repair  527
    Post Incident Phase  527
  Digital Investigations  528
    Crime Scene  530
    Digital/Electronic Evidence  531
    General Guidelines  532
  Software Analysis  533
  Network Analysis  534
  Interviewing  535
Conclusions  535
Sample Questions  536
Introduction
The current chapter covers the domain of legal, regulations, compliance, and investigations. The legal, regulations, compliance, and investigations domain addresses general computer crime legislation and regulations, the investigative measures and techniques that can be used to determine if an incident has occurred, and the gathering, analysis, and management of evidence if it exists. The focus is on concepts and internationally accepted methods, processes, and procedures. It is important to highlight the international focus at the very beginning. This chapter will avoid in-depth discussions of country- or region-specific laws, legislation, and regulations. Although some regional examples are presented to clarify certain discussion points, these will be limited to the emphasis of principles common across most, if not all, jurisdictions.

The chapter is geared toward the conceptual issues and concerns and is not intended as a deep technical discussion of the domain. This conceptual level of depth is in keeping with the need to proverbially walk before we run. Without a solid understanding of the concepts and issues, any deep technical discussions
would be problematic and superficial. A secondary reason for the choice of depth is directly related to the sheer size of this topic; it is not unrealistic to find entire books devoted to each of the sections this chapter will attempt to address; thus, only a high-level examination is possible.

Having fully qualified and constrained the scope of this chapter, it is time to delve into what exactly will be covered and what the reader can expect to glean from the pages contained herein. The chapter has been logically broken down into three broad categories, each with several subsections. The first major section sets the stage for subsequent sections and deals with the major legal systems of the world. The intention is not to turn readers into international law experts, but to introduce the context and backdrop for the remainder of the chapter. Under the major legal systems we will examine, at a high level, principles of common law; civil or code law; and customary, religious, and mixed legal systems. Similarities and differences between these systems that are important for information security professionals will be briefly introduced.

The second section deals specifically with the law as it relates to information systems. The need for awareness of legislative and regulatory compliance is examined; this includes general information system legislative and regulatory principles (e.g., protection of property, intellectual property, protection of persons, privacy, and licensing issues). We then move to the subtopic of cybercrime: what it is, who is doing it, what effect it has on the information systems community and society in general, and, finally, issues related to the international harmonization of cybercrime laws and prosecution (e.g., jurisdiction, legislation).

The third section focuses on detection and investigation of information system-related events and looks at incident response from policy requirements and developing a response capacity, to proper evidence management and handling procedures. This section goes into more of the investigative aspects and examines digital investigations/cyber forensics (both network and computer forensics). This section briefly discusses cybercrime scene analysis and cyber forensics protocol (e.g., identification, preservation, collection, analysis, examination, and report and presentation of digital evidence).

The chapter concludes with an overall discussion of the current and future roles of detective and investigative controls, and what needs to be done to ensure that these controls are flexible enough to keep pace with the constantly changing technology environment and the reality of increased regulatory and legislative compliance. Readers interested in obtaining more information on any of the sections or concepts are encouraged to review the extensive reference section and consult these excellent sources.
CISSP® Expectations
According to the (ISC)² Candidate Information Bulletin, a CISSP candidate is expected to know the methods for determining whether a computer crime has been committed, the laws that would be applicable for the crime, the laws prohibiting specific types of computer crime, methods to gather and preserve evidence of a
computer crime, investigative methods and techniques, and ways to address compliance. Key areas of knowledge are:

◾ Understand legal issues that pertain to information security internationally
  − Computer crime
  − Licensing and intellectual property, e.g., copyright, trademark
  − Import/export
  − Trans-border data flow
  − Privacy
◾ Understand and support investigations
  − Policy
  − Incident handling and response
  − Evidence collection and handling, e.g., chain of custody, interviewing
  − Reporting and documenting
◾ Understand forensic procedures
  − Media analysis
  − Network analysis
  − Software analysis
◾ Understand compliance requirements and procedures
  − Regulatory environment
  − Audits
  − Reporting
Major Legal Systems
As stated in the introduction, readers of this chapter will not be qualified to practice international law, or serve on the bench of the world court for that matter, just based on the content of this chapter. However, readers will hopefully have a better basic understanding of the major legal systems found throughout the world. This understanding is required for several reasons: information systems security is an international phenomenon; crimes committed using information systems or targeted at information systems know no geographical boundaries. The whole world is now your neighbor, both the good and the bad. It is also important that we, as information security professionals, do not have false preconceptions of legal systems that we are not familiar with (e.g., assuming that all common law countries have identical laws). It will soon be rare to find a professional in this field who, during the course of an investigation, has not dealt with legal professionals from various countries or has been introduced to several different systems of law.

For the sake of this chapter, the major legal systems are categorized as:

Common law
Civil or code law
Customary law
Religious law
Mixed law

This taxonomy is consistent with the current legal literature in this area. Maritime law is not addressed in this discussion, although it is an excellent example of the harmonization of international law.
Common Law
The legal system referred to as common law traces its roots back to England, or more precisely, the development of a customary law system of both the Anglo-Saxons in Northern France and the early residents of England. Due to England's rich history of colonization, the common law framework can be found in many parts of the world that were once colonies or territories of the British empire (e.g., United States, Canada, United Kingdom, Australia, and New Zealand). The European continent has resisted the common law influence and is based primarily on a codified legal system, civil law. The common law system is based on the notion of legal precedents, past decisions, and societal traditions. The system is based on customs that predated any written laws or codification of laws in these societies. Prior to the twelfth century, customary law was unwritten and not unified in England; it was extremely diverse and was dependent on local norms and superstitions. During the twelfth century, the king of England created a unified legal system that was common to the country. This national system allowed for the development of a body of public policy principles.

A defining characteristic of common law systems is the adversarial approach to litigation, and the findings of fact in legal fictions. It is assumed that adjudicated argumentation is a valid method for arriving at the truth of a matter. This approach led to the creation of barristers (lawyers) who take a very active role in the litigation process. Another discriminating element of the common law system stems from its reliance on previous court rulings. Decisions by the courts are predicated on jurisprudence (case law), with only narrow interpretation of legislative law occurring. In this system, judges play a more passive role than in civil law systems and are not actively involved in the determination of facts. Although historically, common law was a non-codified legal system, this is no longer true; most, if not all, common law countries have developed statute laws and a codified system of laws related to criminal and commercial matters. Most descriptions of common law systems are quick to point out that the differences between civil and common law systems are becoming increasingly difficult to distinguish, with civil systems adopting a jurisprudence approach and common law systems increasingly relying on legislative statutes and regulations. Most common law systems consist of three branches of law: criminal law, tort law, and administrative law.