As a security administrator you have been assigned the


Ken 7 Windows Limited has decided to form a computer security incident response team (CSIRT). When making any security-related changes, they know the first step is to modify the security policy.

As a security administrator, you have been assigned the responsibility of developing a CSIRT policy that addresses incident evidence collection and handling.

This policy will guide CSIRT team members in developing procedures on proper techniques in handling evidence. The goal is to ensure all evidence collected during investigations is valid and admissible in court.

You will write a policy to ensure all evidence is collected and handled in a secure and efficient manner. All procedures and guidelines will be designed to fulfill the policy you create.

Answer the following questions for collecting and handling evidence:

1. What are the main concerns when collecting evidence?

2. What precautions are necessary to preserve evidence state?

3. How do you ensure evidence remains in its initial state?

4. What information and procedures are necessary to ensure evidence is admissible in court?

Submission Requirements

Format: Microsoft Word

Font: Times New Roman, 12-Point, Double-Space

Citation Style: APA Style with 3 references

Length: 2-3 pages

Solution Preview :

Prepared by a verified Expert
Management Information Sys: As a security administrator you have been assigned the
Reference No:- TGS02871632

Now Priced at $20 (50% Discount)

Recommended (90%)

Rated (4.3/5)