A Practitioner's Reference, Second Edition

Thomas R.Peltier

AUERBACH PUBLICATIONS

A CRC Press Company
Boca Raton London New York Washington, D.C.

Information Security Policies & Procedures
A Practitioner's Reference
Second Edition

About the Author
Thomas R.Peltier (CISM, CISSP) is in his fifth decade of computer technology. During
this time he has shared his experiences with fellow professionals and, because of this
work, has been awarded the 1993 Computer Security Institute’s (CSI) Lifetime
Achievement Award. In 1999, the Information Systems Security Association (ISSA)
bestowed its Individual Contribution to the Profession Award; and in 2001, Tom was
inducted into the ISSA Hall of Fame. He was also awarded the CSI Lifetime Emeritus
Membership Award. Currently, he is the President of Peltier and Associates, an
information security training and consulting firm. Prior to this he was Director of Policies
and Administration for the Netigy Corporation’s Global Security Practice. Tom was the
National Director for Consulting Services for Cyber-Safe Corporation, and the Corporate
Information Protection Coordinator for Detroit Edison. The security program at Detroit
Edison was recognized for excellence in the field of computer and information security
by winning the Computer Security Institute’s Information Security Program of the Year
for 1996. Tom previously was the Information Security Specialist for the General Motors
Corporation, where he was responsible for implementing an information security
program for GM’s worldwide activities.
Over the past decade, Tom has averaged four published articles a year on various
computer and information security issues, including developing policies and procedures,
disaster recovery planning, copyright compliance, virus management, and security
controls. He has had four books published: Policies, Standards, Guidelines and
Procedures: Information Security Risk Analysis; Information System Security Policies
and Procedures: A Practitioners’ Reference; The Complete Manual of Policies and
Procedures for Data Security’, and How to Manage a Network Vulnerability Assessment,
and is the co-editor and contributing author for the ClSSP Prep for Success Handbook;
and a contributing author for the Computer Security Handbook, Third and Fifth Edition
and Data Security Management. Tom, along with his son Justin and partner John
Blackley, is currently co-authoring the book Information Security Fundamentals.
He has been the technical advisor on a number of security films from Commonwealth
Films. Tom is the past chairman of the Computer Security Institute (CSI) Advisory
Council, the chairman of the 18th Annual CSI Conference, founder and past-president of
the Southeast Michigan Computer Security Special Interest Group, and a former member
of the board of directors for (ISC)2, the security professional certification organization.
Tom conducts numerous seminars and workshops on various security topics and has led
seminars for CSI, Crisis Management, the American Institute of Banking, the American
Institute of Certified Public Accountants, the Institute of Internal Auditors, ISACA, and
Sungard Planning Solutions. He was also an instructor at the graduate level for Eastern
Michigan University.

Acknowledgments
As a child I knew that I wanted to make my life’s work one of writing policies and doing
risk analysis. Actually, I wanted to be a cowboy; but being a kid from Detroit, I had to
settle for other things. As I was completing my undergraduate work at the University of
Detroit, my boss Larry Degg came and asked me if I could help. Our organization was in
the midst of a massive audit and we had few polices and procedures. For the next nine
years, Larry helped me refine the skills needed to understand how policies and
procedures worked in the business environment.
My second number-one is my wife Lisa Bryson. We are both information security
professionals and it is her ability to take my big-picture ideas and help me flesh out the
concepts. We have worked as a team for the past nine years and have developed some
truly remarkable concepts.
Next on my list of acknowledgments is my mentor and friend, John O’Leary, the
Director of the Computer Security Institute’s Education Resource Center. John and his
wonderful wife Jane have sat with me through many a dinner, listened to my problems,
and then offered the wisdom that comes from people who care.
My working buddies must also be acknowledged. My son Justin is the greatest asset
any father—and more importantly, any information security team—could ever hope for.
Over the past two years, we have logged nearly 150,000 air miles together, and each day
we learn something new from each other.
The other working buddy is John Blackley. The strange Scotsman who makes our life
more fun and interesting.
Who can leave out their publisher? Certainly not me! Rich O’Hanley has taken the
time to discuss security issues with numerous organizations to understand what their
needs are and then presented these findings to use. A great deal of our work here is a
direct result of what Rich discovered that the industry wanted. Rich O’Hanley, not only
the world’s best editor and task master, but a good friend and source of knowledge.
Thanks, Rich!
And finally, I extend a thank you to our editors, Claire Miller and Andrea Demby.
They take the time to take the raw manuscript and put it into a logically flowing work.
Sometimes they have to ask me the same question more than once, but finally I get what
needs to be done.

Introduction

Policies, standards, and procedures are a key element in the business process. The
implementation of these documents should never be undertaken to satisfy some perceived
audit or security requirement. These requirements do not exist. There are only business
objectives or mission requirements. This book is dedicated to the concept that policies,
standards, and procedures support the efficient running of an organization. We examine
how policies support management’s directions. Standards and procedures are the
elements that implement the management policies.
It is easy now to run out to the Internet and pull down some organizations’ policies
and the like. However, this book cautions against this approach. We examine how best to
use available examples of policies, standards, and procedures. We also put into
perspective the influx of national and international standards and how best to use them to
meet your organization’s needs.
Keeping the process simple is the objective of clear and concise writing. We approach
writing policies and such as a project with a clearly defined objective, deadlines, and a
communications plan.
Perhaps the most important element of this book is how information security is
integrated into all aspects of the business process. Every organization needs to address at
least 12 enterprisewide (Tier 1) policies. We examine each of these policies and then map
information security requirements into each one. We also discuss the need for topicspecific
(Tier 2) policies and application-specific (Tier 3) policies and how they map with
standards and procedures.
Although this text is identified as information security policies, standards, and
procedures, the skill set discussed can be used throughout the enterprise. We concentrate
on information security needs, but we always keep the organization objectives at the
forefront.

Table of Contents

Acknowledgments x

About the Author xi

Introduction xii

PART 1 INFORMATION SECURITY POLICIES AND PROCEDURES

Chapter 1 Introduction 2

Chapter 2 Why Manage This Process as a Project? 15

Chapter 3 Planning and Preparation 29

Chapter 4 Developing Policies 43

Chapter 5 Asset Classification Policy 74

Chapter 6 Developing Standards 105

Chapter 7 Developing Procedures 126

Chapter 8 Creating a Table of Contents 148

Chapter 9 Understanding How to Sell Policies, Standards, and Procedures 161

Appendix 1A Typical Tier 1 Policies 178

Appendix 1B Typical Tier 2 Policies 198

Appendix 1C Sample Standards Manual 219

Appendix 1D Sample Information Security Manual 241

PART 2 INFORMATION SECURITY REFERENCE GUIDE

Chapter 10 Introduction to Information Security 257

Chapter 11 Fundamentals of Information Security 261

Chapter 12 Employee Responsibilities 266

Chapter 13 Information Classification 269

Chapter 14 Information Handling 273

Chapter 15 Tools of Information Security 276

Chapter 16 Information Processing 279

Chapter 17 Information Security Program Administration 286

Chapter 18 Baseline Organization Information Security Program 289

Appendix 2A 317

Index 327

Screenshot

Purchase Now !
Just with Paypal

Product details

Price
Pages	371 p
File Size	2,075 KB
File Type	PDF format
ISBN	0-203-48873-3 Master e-book ISBN  0-203-58914-9 (Adobe e-Reader Format)
Copyright	2004 by CRC Press LLC

  ●▬▬▬▬▬❂❂❂▬▬▬▬▬●

●▬▬❂❂▬▬●

●▬❂▬●

●❂●

═════● ●═════

ALBERT J. MARCELLA, Ph.D. & ROBERT S. GREENFIELD Editors

A Field Manual for Collecting, Examining, & Preserving Evidence of Computer Crimes

Editors and Contributors

Albert J. Marcella, Jr., Ph.D., CFSA, COAP, CQA, CSP, CDP, CISA, is an associate professor of Management in the School of Business and Technology, Department of Management, at Webster University, in Saint Louis, Missouri. Dr. Marcella remains the president of Business Automation Consultants, an information technology and management−consulting firm he founded in 1984. Dr.Marcella has completed diverse technical security consulting engagements involving disaster recovery planning, site and systems security, IT, financial and operational audits for an international clientele. He has contributed numerous articles to audit−related publications and has authored and co−authored 18 audit−related texts.

Robert S. Greenfield, MCP, has over 16 years of experience as a programmer/analyst, with the

past five years as a systems consultant and software engineer in the consulting field. He has

extensive experience designing software in the client/server environment. In addition to mainframe experience on several platforms, his background includes systems analysis, design, and development in client/server GUI and traditional environments. His client/server expertise includes Visual Basic, Access, SQL Server, Sybase, and Oracle 7.3 development. Mr. Greenfield has created intranet Web sites with FrontPage and distributing applications via the Internet. He currently holds professional accreditation as a Microsoft Certified Professional and continues self paced training to achieve MCSE, MCSD, and MCSE/D + Internet ratings.

Abigail Abraham is an Assistant State's Attorney, prosecuting high−technology crimes for the Cook County State's Attorney's Office in Chicago, Illinois. She was awarded her J.D. from The University of Chicago Law School and served as an editor on the law review. Following law school, she clerked for one year for the Honorable Danny J. Boggs, U.S. Court of Appeals for the Sixth Circuit. She is an adjunct law professor at The University of Chicago Law School. In addition, she has designed training for lawyers and for police officers, and lectures around the country on high−technology legal issues.

Brent Deterdeing graduated from the University of Missouri with a degree in computer science and a minor in economics. Brent's involvement with SANS is extensive. He is an author of an upcoming book on firewalls through SANS, as well as chairing the SANS/GIAC Firewalls Advisory Board. He has mentored both small and large classes through SANS/GIAC Security Essentials Training & Certification (GSEC). Brent also authors, revises, and edits SANS courseware, quizzes, and tests. He has earned the SANS/GIAC GSEC (Security Essentials), GCFW (Firewall Analyst — HONORS), GCIA (Intrusion Analyst), and GCIH (Incident Handling) certifications, as well as being a Red Hat Certified Engineer (RHCE). Brent participates in the St. Louis InfraGard chapter.

John W. Rado is a geospatial analyst at National Imagery and Mapping Agency (NIMA) in St.

Louis, Missouri. John has worked for NIMA since January of 1991.

William J. Sampias has been involved in the auditing profession for the past decade, with primary emphasis on audits of information systems. Mr. Sampias has published several works in the areas of disaster contingency planning, end−user computing, fraud, effective communications, and security awareness. Mr. Sampias is currently director of a state agency information systems audit group.

Steven Schlarman, CISSP, is a security consultant with PricewaterhouseCoopers. Since joining

the firm in 1998, Steve has covered a number of roles, mainly as the lead developer of the

Enterprise Security Architecture System and Services. He has published articles on the subject as

well as being one of the major thought leaders in the PricewaterhouseCoopers' Enterprise Security Architecture Service line. Prior to joining the firm, Steve had worked on multiple platforms including PC applications, networking, and midrange and mainframe systems. His background includes system security, system maintenance, and application development. Steve has completed numerous technical security consulting engagements involving security architectures, penetration studies ("hacking studies"), network and operating system diagnostic reviews, and computer crime investigation. He has participated in both PC computer forensic analysis and network intrusion management and investigation. Prior to PricewaterhouseCoopers, Steve worked at a U.S. state law enforcement agency in the information systems division.

Carol Stucki is working as a technical producer for PurchasePro.com, a rapidly growing dot.com

company that is an application service provider specializing in Internet−based procurement. Carol's past experiences include working with GTE, Perot Systems, and Arthur Andersen as a programmer, system analyst, project manager, and auditor.

Cyber Forensics
A Field Manual for Collecting, Examining, & Preserving
Evidence of Computer Crimes

Disclaimer
As always with texts of this nature, here is the disclaimer….

The information contained within this field manual is intended to be used as a reference, and not as an endorsement of the included providers, vendors, and informational resources. Reference herein to any specific commercial product, process, or service by trade name, trademark, service mark, manufacturer, or otherwise does not constitute or imply endorsement, recommendation, or favoring by the authors or the publisher.
As such, users of this information are advised and encouraged to confirm specific claims for product performance as necessary and appropriate.

The legal/financial materials and information that are available for reference through this manual are not intended as a substitute for legal/financial advice and representation obtained through legal/financial counsel. It is advisable to seek the advice and representation of legal/financial counsel as may be appropriate for any matters to which the legal/financial materials and information may pertain.

Web sites included in this manual are intended to provide current and accurate information; neither the authors, publisher, nor any of its employees, agencies, and officers can warranty the information contained on the sites and shall not be held liable for any losses caused on the reliance of information provided. Relying on information contained on these sites is done at one's own risk. Use of such information is voluntary, and reliance on it should only be undertaken after an independent review of its accuracy, completeness, efficacy, and timeliness. Throughout this manual, reference links to other Internet addresses have been included. Such external Internet addresses contain information created, published, maintained, or otherwise posted by institutions or organizations independent of the authors and the publisher. The authors and the publisher do not endorse, approve, certify, or control these external Internet addresses and do not guarantee the accuracy, completeness, efficacy, timeliness, or correct sequencing of information located at such addresses. Use of such information is voluntary, and reliance on it should only be undertaken after an independent review of its accuracy, completeness, efficacy, and timeliness.


Introduction

As an auditor as well as researcher and author, I realize and value the importance of timely,

well−focused, accurate information. It is with this philosophy in mind that the development of this project was undertaken.

To the reader, a note of explanation…. This is not a text, but rather a field manual. It has been

written — better yet, compiled — and edited in a manner that will allow you to rapidly access a

specific area of interest or concern and not be forced to sequentially wade through an entire text,

chapter by chapter, to get to what is important to you.

In the true sense of a field manual, each "chapter" (and we use that term loosely) stands on its own and presents focused, timely information on a specific topic related to cyber forensics. The author of each "chapter" was selected for his or her expertise in a specific area within the very broad field of cyber forensics.

Often a limiting aspect of most projects, especially those written on emerging technical topics, is the inability to cover every aspect of the topic in a single all−inclusive text. This truth befalls this field manual that you are about to use.

Initial research into this growing discipline proved that it would be next to impossible to include all the areas of both interest and importance in the field of cyber forensics that would be needed and required by all potential readers and users in a single text. Thus, this field manual presents specific and selected topics in the discipline of cyber forensics, and addresses critical issues facing the reader who is engaged in or who soon will be (and you will!) engaged in the preservation, identification, extraction, and documentation of computer evidence.

As a user of this field manual, you will see that this manual's strength lies with the inclusion of an

exhaustive set of chapters covering a broad variety of forensic subjects. Each chapter was

thoroughly investigated; examined for accuracy, completeness, and appropriateness to the study of cyber forensics; reviewed by peers; and then compiled in a comprehensive, concise format to

present critical topics of interest to professionals working in the growing field of cyber forensics.

We finally had to select several key areas and put pen to paper, entice several colleagues to share

their ideas, and resign ourselves to the fact that we cannot say all that needs to be said in one text,

book, or manual. We trust the material we have included will serve as a starting point for the many professionals who are beginning their journey into this exciting discipline.

We begin our journey into the realm of this relatively new discipline by opening with a brief

discussion as to the current state of the environment relating to the need for this new field of

forensics and then a brief examination of the origins of cyber forensics. Along the way, we will

establish several basic definitions designed to assist the reader in moving easily through what could be difficult and confusing terrain.

Although e−mail is becoming more mission−critical for enterprises, it also has the

ability to haunt a company in times of trouble, because records of e−mail messages

remain in the company systems after deletion — a feature highlighted during the

Microsoft anti−trust trial. The case has featured critical testimony derived from old

Microsoft e−mail messages.

—InfoWorld, 10/25/99

Computer Forensics

Computer Forensics deals with the preservation, identification, extraction, and documentation of

computer evidence. The field is relatively new to the private sector but it has been the mainstay of

technology−related investigations and intelligence gathering in law enforcement and military

agencies since the mid−1980s.

Like any other forensic science, computer forensics involves the use of sophisticated technology

tools and procedures that must be followed to guarantee the accuracy of the preservation of

evidence and the accuracy of results concerning computer evidence processing.

What evidence is needed?

· All physical evidence (computer, peripherals, notepads, documentation, etc.)

· Visual output on the monitor

· Printed evidence on a printer

· Printed evidence on a plotter

· Film recorder (magnetic representations)

It is extremely important to realize that evidence must have been gathered in accordance with the

Fourth Amendment and the Electronic Communications Privacy Act (ECPA), and that

computer−generated evidence is considered "hearsay" with some exclusions. Depending on your

role or responsibility in the computer forensics investigation, you may be subject to differing sets of rules and regulations. Internal investigators, for example, are not subject to the Fourth Amendment stipulations; however, they are subject to the ECPA.

Typically, computer forensic tools exist in the form of computer software. Computer forensic

specialists guarantee accuracy of evidence processing results through the use of time−tested evidence processing procedures and through the use of multiple software tools, developed by separate and independent developers. The use of different tools that have been developed independently to validate results is important to avoid inaccuracies introduced by potential software design flaws and software bugs.

The introduction of the personal computer in 1981 and the resulting popularity came with a mixed blessing. Society in general benefited, but so did criminals using personal computers in the

commission of crimes. Today, personal computers are used in every facet of society to create and

share messages, compute financial results, transfer funds, purchase stocks, make airline

reservations, and access bank accounts and a wealth of worldwide information on essentially any

topic.

Computer forensics is used to identify evidence when personal computers are used in the

commission of crimes or in the abuse of company policies. Computer forensic tools and procedures are also used to identify computer security weaknesses and the leakage of sensitive computer data. In the past, documentary evidence was typically stored on paper and copies were made with carbon paper or photocopy machines.

Most documents are now stored on computer hard disk drives, floppy diskettes, Zip disks, and other forms of removable computer storage media. Computer forensics deals with finding, extracting, and documenting this form of "electronic" documentary evidence (www.forensics−intl.com/def4.html).

Along the way, prior to formally pursuing a cyber forensics investigation, several important and

critical questions must be asked:

What is the policy in the organization to report and deal with computer crime? (It may be

nonexistent, or it may be not well thought out or tested, or it may even be incompetent.)

·

· Do you "really" want to prosecute?

· Who do you call in law enforcement and what will be their reaction?

Additional questions that should be considered and appropriate answers well thought out include:

· Can you afford to be without the evidence?

· Are you willing to see this go public?

· Was a thorough investigation conducted?

· Did you violate the ECPA or any privacy issues?

· How will you prove the crime?

Is there any likelihood of the suspect doing damage prior to arrest? (Dr. Rayford Vaughn,

<vaughn@cs.msstate.edu>)

·

Obtaining concrete answers to these questions prior to embarking on a cyber forensics audit or

investigation is critical. Doing so may help shield the organization (as well as the

investigator/auditor/security personnel, etc.) from civil or criminal liabilities.

The material presented in the following pages of this field manual has been selected, developed,

and shared with the specific objective of providing the reader with a resource with which to become

better prepared to undertake and participate in the cyber forensics audit of a suspect system.

Table of Contents

Cyber Forensics—A Field Manual for Collecting, Examining, and Preserving Evidence of

Computer Crimes

Disclaimer...............6

Introduction......................7

Background.............8

Dimensions of the Problem..................9

Computer Forensics...........10

Works Cited.........11

Section I: Cyber Forensics

Chapter List..........13

Chapter 1: The Goal of the Forensic Investigation

Overview................................................................................................................................14

Why Investigate.....................................................................................................................14

Internet Exceeds Norm..........................................................................................................14

Inappropriate E−mail..............................................................................................................16

Non−Work−Related Usage of Company Resources.............................................................17

Theft of Information................................................................................................................18

Violation of Security Parameters............................................................................................18

Intellectual Property Infraction...............................................................................................19

Electronic Tampering.............................................................................................................20

Establishing a Basis or Justification to Investigate................................................................21

Determine the Impact of Incident...........................................................................................22

Who to Call/Contact...............................................................................................................24

If You Are the Auditor/Investigator.........................................................................................24

Resources..............................................................................................................................25

Authority.................................................................................................................................25

Obligations/Goals...................................................................................................................25

Reporting Hierarchy...............................................................................................................25

Escalation Procedures...........................................................................................................25

Time Frame............................................................................................................................26

Procedures.............................................................................................................................26

Precedence............................................................................................................................26

Independence........................................................................................................................26

Chapter 2: How to Begin a Non−Liturgical Forensic Examination

Overview................................................................................................................................27

Isolation of Equipment...........................................................................................................27

Cookies..................................................................................................................................29

Bookmarks.............................................................................................................................31

History Buffer.........................................................................................................................32

Cache.....................................................................................................................................34

Temporary Internet Files........................................................................................................35

Tracking of Logon Duration and Times..................................................................................35

Recent Documents List..........................................................................................................36

Tracking of Illicit Software Installation and Use.....................................................................37

Chapter 2: How to Begin a Non−Liturgical Forensic Examination

The System Review

The Manual Review...............................................................................................................41

Hidden Files...........................................................................................................................42

How to Correlate the Evidence..............................................................................................43

Works Cited......................................................................................................................44

Chapter 3: The Liturgical Forensic Examination: 

Tracing Activity on a Windows−Based Desktop

Gathering Evidence For Prosecution Purposes.....................................................................45

Gathering Evidence Without Intent to Prosecute...................................................................45

The Microsoft Windows−Based Computer.............................................................................46

General Guidelines To Follow................................................................................................48

Cookies..................................................................................................................................50

Bookmarks/Favorites.............................................................................................................53

Internet Explorer's History Buffer...........................................................................................54

Temporary Storage on the Hard Drive...................................................................................55

Temporary Internet Files........................................................................................................56

System Registry.....................................................................................................................57

Enabling and Using Auditing via the Windows Operating System.........................................61

Confiscation of Computer Equipment....................................................................................65

Other Methods of Covert Monitoring......................................................................................66

Chapter 4: Basics of Internet Abuse: 

What is Possible and Where to Look Under the Hood

Terms.....................................................................................................................................68

Types of Users.......................................................................................................................69

E−Mail Tracking.....................................................................................................................69

IP Address Construction........................................................................................................69

Browser Tattoos.....................................................................................................................69

How an Internet Search works...............................................................................................70

Swap Files.............................................................................................................................74

ISPs.......................................................................................................................................75

Servers...................................................................................................................................75

Works Cited......................................................................................................................75

Chapter 5: Tools of the Trade: Automated Tools 

Used to Secure a System Throughout

the Stages of a Forensic Investigation

Overview................................................................................................................................77

Detection Tools......................................................................................................................77

Protection Tools.....................................................................................................................84

Analysis Tools........................................................................................................................87

Chapter 6: Network Intrusion Management and Profiling

Overview................................................................................................................................91

Common Intrusion Scenarios.................................................................................................91

Intrusion Profiling...................................................................................................................95

Creating the Profile................................................................................................................96

Conclusion...........................................................................................................................103

Chapter 7: Cyber Forensics and the Legal System

Overview..............................................................................................................................105

How the System Works........................................................................................................105

Issues of Evidence...............................................................................................................106

Hacker, Cracker, or Saboteur..............................................................................................108

Best Practices......................................................................................................................115

Notes..............................................................................................................................115

Acknowledgments..........................................................................................................116

Section II: Federal and International Guidelines

Chapter List...........117

References............118

Chapter 8: Searching and Seizing Computers 

and Obtaining Electronic Evidence

Recognizing and Meeting Title III Concerns in Computer Investigations.............................123

Computer Records and the Federal Rules of Evidence.......................................................131

Proposed Standards for the Exchange of Digital Evidence.................................................134

Recovering and Examining Computer Forensic Evidence...................................................140

International Principles for Computer Evidence...................................................................141

Chapter 9: Computer Crime Policy and Programs

The National Infrastructure Protection Center Advisory 01−003..........................................143

The National Information Infrastructure Protection Act of 1996...........................................146

Distributed Denial of Service Attacks...................................................................................157

The Melissa Virus................................................................................................................163

Cybercrime Summit: A Law Enforcement/Information Technology Industry Dialogue........163

Chapter 10: International Aspects of Computer Crime

Council of Europe Convention on Cybercrime.....................................................................165

Council of Europe Convention on Cybercrime Frequently Asked Questions.......................168

Internet as the Scene of Crime............................................................................................168

Challenges Presented to Law Enforcement by High−Tech and Computer Criminals..........169

Problems of Criminal Procedural Law Connected with Information Technology.................169

Combating High−Tech and Computer−Related Crime........................................................169

Vienna International Child Pornography Conference...........................................................171

OECD Guidelines for Cryptography Policy..........................................................................171

Fighting Cybercrime: What are the Challenges Facing Europe?.........................................171

Chapter 11: Privacy Issues in the High−Tech Context

Law Enforcement Concerns Related to Computerized Databases......................................172

Enforcing the Criminal Wiretap Statute................................................................................174

Referring Potential Privacy Violations to the Department of Justice for Investigation

and Prosecution..................................................................................................................174

Testimony on Digital Privacy................................................................................................175

Chapter 12: Critical Infrastructure Protection

Attorney General Janet Reno's Speech on Critical Infrastructure Protection......................176

Protecting the Nation's Critical Infrastructures: Presidential Decision Directive 63.............176

The Clinton Administration's Policy on Critical Infrastructure Protection: Presidential

Chapter 12: Critical Infrastructure Protection

Decision Directive 63

Foreign Ownership Interests in the American Communications Infrastructure....................187

Carnivore and the Fourth Amendment.................................................................................188

Chapter 13: Electronic Commerce: Legal Issues

Overview..............................................................................................................................195

Guide for Federal Agencies on Implementing Electronic Processes...................................195

Consumer Protection in the Global Electronic Marketplace.................................................196

The Government Paperwork Elimination Act.......................................................................196

Internet Gambling................................................................................................................197

Sale of Prescription Drugs Over the Internet.......................................................................197

Guidance on Implementing the Electronic Signatures in Global And National

Commerce Act (E−SIGN)....................................................................................................198

Part I: General Overview of the E−SIGN Act.......................................................................198

The Electronic Frontier: the Challenge of Unlawful Conduct Involving the Use of the

Internet................................................................................................................................215

Internet Health Care Fraud..................................................................................................217

Jurisdiction in Law Suits.......................................................................................................218

Electronic Case Filing at the Federal Courts.......................................................................225

Notes..............................................................................................................................226

Chapter 14: Legal Considerations in Designing and Implementing Electronic

Processes: A Guide for Federal Agencies

Executive Summary.............................................................................................................229

Introduction..........................................................................................................................237

I. Why Agencies Should Consider Legal Risks....................................................................238

II. Legal Issues to Consider in "Going Paperless"...............................................................242

III. Reducing The Legal Risks in "Going Paperless"............................................................255

Conclusion...........................................................................................................................266

Notes..............................................................................................................................267

Chapter 15: Encryption

Department of Justice FAQ on Encryption Policy (April 24, 1998)......................................273

Interagency and State and Federal Law Enforcement Cooperation....................................273

Law Enforcement's Concerns Related to Encryption...........................................................273

Privacy in a Digital Age: Encryption and Mandatory Access...............................................274

Modification of H.R. 695.......................................................................................................280

Security and Freedom Through Encryption Act...................................................................281

OECD Guidelines for Cryptography Policy..........................................................................285

Recommended Reading................................................................................................285

Chapter 16: Intellectual Property

Prosecuting Intellectual Property Crimes Guidance............................................................286

Deciding Whether to Prosecute an Intellectual Property Case............................................286

Government Reproduction of Copyrighted Materials...........................................................286

Federal Statutes Protecting Intellectual Property Rights.....................................................286

IP Sentencing Guidelines.....................................................................................................289

Intellectual Property Policy and Programs...........................................................................292

Copyrights, Trademarks and Trade Secrets........................................................................294

Section III: Forensics Tools

Chapter List..............296

Chapter 17: Forensic and Security Assessment Tools

Detection, Protection, and Analysis.....................................................................................297

Detection and Prevention Tools for the PC Desktop...........................................................297

Analysis Tools......................................................................................................................299

Applications..........................................................................................................................301

Additional Free Forensics Software Tools...........................................................................307

Chapter 18: How to Report Internet−Related Crime

Overview..............................................................................................................................308

The Internet Fraud Complaint Center (IFCC)......................................................................309

Chapter 19: Internet Security: An Auditor's Basic Checklist

Firewalls...............................................................................................................................310

Supported Protocols............................................................................................................311

Anti−Virus Updates..............................................................................................................311

Software Management Systems..........................................................................................312

Backup Processes and Procedures.....................................................................................312

Intra−Network Security........................................................................................................312

Section IV: Appendices

Appendix List...........314

Appendix A: Glossary of Terms

A−C...........314

D..................317

E−G..................319

H−I.........................322

K−Q............................323

R−S........................................324

T−W..........................................326

Appendix B: Recommended Reading List

Books....................329

Articles........................332

Web Sites........................333

List of Exhibits

Chapter 2: How to Begin a Non−Liturgical Forensic Examination............337

Chapter 3: The Liturgical Forensic Examination: 

Tracing Activity on a Windows−Based Desktop........337

Chapter 4: Basics of Internet Abuse: 

What is Possible and Where to Look Under the Hood..............337

Chapter 5: Tools of the Trade: Automated Tools Used to 

Secure a System Throughout the Stages of a Forensic Investigation..............338

Chapter 6: Network Intrusion Management and Profiling................338

Chapter 8: Searching and Seizing Computers and Obtaining Electronic Evidence.............338

List of Exhibits

Chapter 9: Computer Crime Policy and Programs........338

Chapter 11: Privacy Issues in the High−Tech Context.......338

Chapter 12: Critical Infrastructure Protection.....339

Chapter 13: Electronic Commerce: Legal Issues.........339

Chapter 14: Legal Considerations in Designing and Implementing Electronic

Processes: A Guide for Federal Agencies.........339

Chapter 18: How to Report Internet−Related Crime.......339

Screenshot

Purchase Now !
Just with Paypal

Product details

Price
Pages	346 p
File Size	3,512 KB
File Type	PDF format
ISBN	0−8493−0955−7 (alk. paper)
Copyright	2002 by CRC Press LLC

  ●▬▬▬▬▬❂❂❂▬▬▬▬▬●

●▬▬❂❂▬▬●

●▬❂▬●

●❂●

═════● ●═════