Incident Response Reference Materials

| Investigation Process | Investigation Tools |
| U.S. Laws, Computer Crimes | U.S. Laws, Regulatory Requirements | International Laws |
 | Professional Organizations |

1. Information Systems- the source of the vulnerabilities that can be exploited

2. Cyber Crimes- the threats created by those who want to exploit the vulnerabilities

3. Risk Management- the strategies and tactics used by an organization to manage the risks created by the combination of vulnerabilities and threats

4. Incident Investigations- the "response" mode in the risk management strategy in which investigations are conducted and prosecution is pursued.

Investigation Process

• An Explanation of Computer Forensics- by Judd Robbins

• Best Practices for Seizing Electronic Evidence- U.S. Secret Service

• Forensic Examination Procedures- by IACIS

• Forensic Computer Analysis: An Introduction- Dr. Dobb's Journal

Investigation Tools

• EnCase- Guidance Software

• Evidor, Evidence Collector- X-Ways Software Technology AG

• Forensics Toolkit- by AccessData Corp

• Mares and Company- commercial and free tools

• New Technologies, Inc.- tools, consulting, training, and altruism&

• TUCOFS- The Ultimate Collection of Forensics Tools

• E-Evidence Information Center- bibliography maintained by Christine Siedsma

U.S. Laws- Computer Crimes

• Computer Crime & Intellectual Property Section- U.S. Department of Justice

• Child Internet Protection Act (CIPA)

• Children's Online Privacy Protection Act of 1998 (COPPA)

• Computer Fraud & Abuse Act (Title 8, Section 1030)

• Digital Millennium Copyright Act of 1998

• Economic Espionage Act

• Gramm-Leach-Bliley Act, Subtitle B- Fraudulent Access to Financial Information

• USA Patriot Act 2001

• Information Technology Management Reform Act of 1996 

• Homeland Security Act of 2002

U.S. Laws- Regulatory Compliance

• Gramm-Leach-Bliley Act, Subtitle A- Disclosure of Nonpublic Personal Information

• Gramm-Leach-Bliley Act- excellent resource provided by the FTC

• Health Insurance Portability and Accountability Act of 1996 (HIPPA)

• California's Information Practices Act of 2002

International Laws

• Information & Communications Policy, by the OECD

Rules of Evidence

• Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations- manual published by the USDoJ

Professional Organizations

• International Association of Computer Investigative Specialists

• Northwest Computer Technology & Crime Analysis Seminar

• Department of Defense Computer Forensics Laboratory, informative article in NetworkWorld

• High Technology Crime Investigation Association

• Forum of Incident Response and Security Teams- FIRST

Journals

• Information Security
• Security Focus Online

Vendors

• Cellular Data Resources- forensics on cell phone records

• Guidance Software- EnCase forensic software

• Identity Restoration, Inc.- recovery from identity theft

  ---