INCIDENT RESPONSE AND DIGITAL FORENSICS
Abdurahman, Munir A.
BSCRIM-
INCIDENT RESPONSE SUMMARY
Incident response (IR) refers to a collection of information security policies and
processes for detecting, containing, and eliminating cyberattacks. The purpose of
incident response is for an organization to be able to swiftly detect and stop attacks,
reducing damage and preventing similar attacks in the future.
EXAMPLE OF INCIDENT RESPONSE
Internet-Facing Vulnerabilities
Every device that’s connected to the internet can be scanned for vulnerabilities
from outside sources. Attackers usually do not single out one victim for their scans;
they set up scripts and scan every port and device they can. Any device that is
identified over the internet and can be exploited may become an attacker’s next
victim.
Business Email Account Takeover
In case this incident is not familiar to you, Business Email Account Takeover occurs
when a malicious user gains access to a legitimate user’s email account. For
example, once an attacker obtains a user’s credentials through a phishing email
that was sent out to employees, the attacker then has access to that user’s
email.
DIGITAL FORENSICS SUMMARY
Digital forensic science is a subset of forensic science that focuses on recovering
and investigating data from digital devices used in cybercrime. The term "digital
forensics" was coined to replace the term "computer forensics." It has since grown
to include the analysis of any device that can store digital data. Although the first
computer crime was documented in 1978, and the Florida Computer Act was
passed the following year, it was not until the 1990s that the phrase "computer
crime" became widely known. National policies on digital forensics did not arise
until the early twenty-first century.
The process of identifying, preserving, evaluating, and documenting digital
evidence is known as digital forensics. This is
done so that evidence can be presented in a court of law if necessary.
EXAMPLE OF DIGITAL FORENSICS
INCIDENT RESPONSE AND DIGITAL FORENSICS
DFIR is a multidisciplinary set of duties and processes aimed at preventing a live cyber
security incident. It combines standard incident response (IR) tasks with digital forensics
approaches, such as response preparation and rehearsal, IT architecture
documentation, and playbook building. While standard IR typically includes certain
investigation features, DFIR takes it to the next level by emphasizing digital forensics.
Digital forensics and incident response (DFIR) is a constantly evolving discipline that
necessitates innovative thinking. To manage the increased complexity of modern
cybersecurity issues, combining digital investigative services with incident response
experience is vital.