1. Center for Operational Security
2. Incident Response Domain
An Overview of Incident Response • Incident Response: What Is It? • As to Why IR is Required. • Contrast Security Events with Security Incidents • Crisis Management Process – National Institute of Standards and Technology Publication 80061r2 • The nature of this thing, and the reason for its use.
3. Digital Forensics
Incident Response: A Primer • Introduction to the Section • Definition of Digital Forensics • Evidence gathering, most often in the context of computer crime • Subject Access Requests in Digital Form Proof Documents • Introduction to Section • unstable evidence • In-Random-Access Memory (RAM), Cache, Register Content, Routing Tables, Address Resolution Protocol (ARP) Cache, Process Table, Kernel Statistics, and Swap File/Temporary File System • Magnetic Disc Testimony • Disk or Solid-State Drive • Connected Data.