
660    Chapter 11 • Operational and Organizational Security: Incident Response

                   Biometric authentication uses the physical attributes of a person to
                      determine whether access should be given.

                   Tailgating or piggybacking involves a person following another authorized
                      person (who has used access control methods like key cards, PIN numbers,
                      biometrics or other methods) into a secure area or building.

                   Dumpster diving involves going through trash to find documents that
                      contain sensitive information, such as work product, usernames, passwords,
                      or information on IP addresses and other data about systems and the
                      network.

                   Social engineering involves gaining the confidence of someone to trick
                      them into providing information.

                   Phishing involves sending e-mails to people to entice the recipient into
                      responding and providing confidential information.

                   The environment in which equipment resides must be air-conditioned,
                      have proper humidity levels, and have other conditions that are suitable for
                      the equipment stored inside.

             Forensics


                   Computer forensics is the application of computer skills and investigation
                      techniques for the purpose of acquiring evidence. It involves collecting,
                      examining, preserving, and presenting evidence that is stored or
                      transmitted in an electronic format.

                   It is important that a crime scene is secure and that anyone who had
                      access to the area and witnessed the incident is documented. Information
                      displayed on monitors should be documented or photographed, computers
                      that are running should be left running to protect volatile data, and those
                      shut off should remain off to avoid activating any malicious software that
                      may be installed on the machine.

                   Computer forensic software should be used to make an image of the
                      disk(s) to work with so that the integrity of the original can be preserved.

                   Copies of data should be made on media that is forensically sterile. This
                      means that the disk has no other data on it, and has no viruses or defects.
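
The two points above (work from an image so the original stays intact, and copy only onto sterile media) can be checked in code. The following is an added example, not part of the original book: the function names and sample files are assumptions, "sterile" is checked as "every byte is zero", and plain files stand in for the evidence disk and the target media.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large media never sit in memory

def sha256_of(path, limit=float("inf")):
    """SHA-256 of the first `limit` bytes of path (the whole file by default)."""
    digest, left = hashlib.sha256(), limit
    with open(path, "rb") as fh:
        while left > 0 and (block := fh.read(min(CHUNK, left))):
            digest.update(block)
            left -= len(block)
    return digest.hexdigest()

def is_sterile(path):
    """True only if every byte on the target is zero (no leftover data)."""
    with open(path, "rb") as fh:
        return all(block.count(0) == len(block)
                   for block in iter(lambda: fh.read(CHUNK), b""))

def acquire(source, target):
    """Image source onto a sterile target; return the verified SHA-256."""
    if not is_sterile(target):
        raise ValueError("target media is not forensically sterile")
    original, size = sha256_of(source), 0
    with open(source, "rb") as src, open(target, "r+b") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            dst.write(block)
            size += len(block)
    # The working copy must match, and the original must be unchanged.
    if sha256_of(target, size) != original or sha256_of(source) != original:
        raise IOError("image does not match original")
    return original

def demo():
    """Constructed sample data: one evidence file, a wiped and a used target."""
    with tempfile.TemporaryDirectory() as d:
        src, clean, dirty = (os.path.join(d, n) for n in ("src", "clean", "dirty"))
        for path, data in ((src, b"constructed evidence\n" * 200),
                           (clean, bytes(8192)), (dirty, bytes(8000) + b"old")):
            with open(path, "wb") as fh:
                fh.write(data)
        rejected = False
        try:
            acquire(src, dirty)  # leftover bytes on the target: must be refused
        except ValueError:
            rejected = True
        return acquire(src, clean), rejected
```

The hash returned by acquire() is the value to record in the case notes, so that the working copy can be re-verified against the original later.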







          www.syngress.com