También se denomina ciencia forense informática. Cuando se trata de la seguridad de la información, se refiere a la aplicación de herramientas de investigación y técnicas de análisis para recolectar evidencia a partir de recursos informáticos a fin de determinar la causa del riesgo de los datos.
http://es.pcisecuritystandards.org
El análisis forense es una metodología de estudio ideal para el análisis posterior de incidentes, mediante el cual se trata de reconstruir cómo se ha penetrado en el sistema, a la par que se valoran los daños ocasionados. Si los daños han provocado la inoperabilidad del sistema, el análisis se denomina análisis postmortem.
http://es.wikipedia.org/wiki/Auditor%C3%ADa_de_seguridad_de_sistemas_de_informaci%C3%B3n
The application
of the scientific method to digital media to establish factual information for
judicial review.
Scope Note: This
process often involves investigating computer systems to determine whether they
are or have been used for illegal or unauthorized activities As a discipline it
combines elements of la and have been used for illegal or unauthorized
activities. As a discipline, it combines elements of law and computer science
to collect and analyze data from information systems (e.g., personal computers,
networks, wireless communication and digital storage devices) in a way that is
admissible as evidence in a court of law.
ISACA, Cybersecurity Glossary, 2014
The process of
identifying, preserving, analyzing and presenting digital evidence in a manner
that is legally acceptable in any legal proceedings
ISACA, Cybersecurity Glossary, 2014
The process of
collecting, assessing, classifying and documenting digital evidence to assist
in the identification of an offender and the method of compromise
ISACA,
Cybersecurity Glossary, 2014
The practice of
gathering, retaining, and analyzing computer-related data for investigative
purposes in a manner that maintains the integrity of the data. [CNSSI_4009:2010]
The practice of
gathering, retaining, and analyzing computer-related data for investigative
purposes in a manner that maintains the integrity of the data. [CNSSI_4009:2010]
An accurate
bit-for-bit reproduction of the information contained on an electronic device
or associated media, whose validity and integrity has been verified using an
accepted algorithm. [CNSSI_4009:2010]
The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data. [NIST-SP800-61:2004]
Also referred to
as computer forensics. As it relates to information security, the application
of investigative tools and analysis techniques to gather evidence from computer
resources to determine the cause of data compromises.
https://www.pcisecuritystandards.org/security_standards/glossary.php
Computer forensics is application of the scientific method to digital media in order to establish factual information for judicial review. This process often involves investigating computer systems to determine whether they are or have been used for illegal or unauthorized activities. Mostly, computer forensics experts investigate data storage devices, either fixed like hard disks or removable like compact disks and solid state devices. Computer forensics experts:
·
Identify
sources of documentary or other digital evidence.
· Preserve the evidence.
·
Analyze
the evidence. Present the findings.
Computer
forensics is done in a fashion that adheres to the standards of evidence that
are admissible in a court of law.
http://en.wikipedia.org/wiki/Computer_forensics
The intelligence resulting from the integration of scientifically examined materials and other information to establish full characterization, attribution, and the linkage of events, locations, items, signatures, nefarious intent, and persons of interest. Also called FEI. [JP2-0:2013]
Également dénommé
«expertise judiciaire en informatique». Sappliquant à la sécurité des
informations, les outils dinvestigation et de techniquesdanalysepermettent de
rassembler des preuves à partir des ressources informatiques afin de déterminer
la cause de la compromission des données.
http://fr.pcisecuritystandards.org/
Temas relacionados