Domains of CISSP: Legal, Regulations, Compliance and Investigations
Overview
The Legal, Regulations, Compliance and Investigations domain addresses computer crime laws and regulations, the investigative measures and techniques that can be used to determine whether a crime has been committed, and methods to gather evidence.
Incident handling provides the ability to react quickly and efficiently to malicious technical threats or incidents.
The candidate will be expected to know the methods for determining whether a computer crime has been committed; the laws that would be applicable for the crime; laws prohibiting specific types of computer crime; investigative methods and techniques to gather and preserve evidence of a computer crime; and ways to address compliance.
Key Areas of Knowledge
- Understand legal issues that pertain to information security internationally
  - Computer crime
  - Licensing and intellectual property (e.g., copyright, trademark)
  - Import/Export
  - Trans-border data flow
  - Privacy
- Understand and support investigations
  - Policy
  - Incident handling and response
  - Evidence collection and handling (e.g., chain of custody, interviewing)
  - Reporting and documenting
- Understand forensic procedures
  - Media analysis
  - Network analysis
  - Software analysis
- Understand compliance requirements and procedures
  - Regulatory environment
  - Audits
  - Reporting





