CISCISSP Domain 9 : LAW, INVESTIGATIONS & ETHICS

Overview

The Law, Investigations, and Ethics domain addresses computer crime laws

and regulations; the investigative measures and techniques which can be

used to determine if a crime has been committed, methods to gather

evidence if it has, as well as the ethical issues and code of conduct for the

security professional.

Incident handling provides the ability to react quickly and efficiently to

malicious technical threats or incidents.

The candidate will be expected to know the methods for determining whether

a computer crime has been committed; the laws that would be applicable for

the crime; laws prohibiting specific types of computer crime; methods to

gather and preserve evidence of a computer crime, investigative methods

and techniques; and ways in which RFC 1087 and the (ISC) 2

™ Code of Ethics can be applied to resolve ethical dilemmas.

Key Areas of Knowledge

§ Laws

§ Licensing

§ Intellectual Properties

§ Import/Export

§ Liability

§ Transborder Data Flow

§ Major categories and types of laws

§ Criminal Law

§ Civil Law

§ Administrative Law

§ Investigations

§ Evidence

§ Types of admissible evidence

§ Collection and preservation of evidence

§ Chain of Evidence

§ Investigation Processes and Techniques

§ Target

§ Object/Subject

§ Team Composition

§ Forensics

§ Privacy

§ Interrogation

§ Internal/External confidentiality

§ Major categories of computer crime

§ Military and Intelligence Attacks

§ Business Attacks

§ Financial Attacks

§ Terrorist Attacks

§ Grudge Attacks

§ "Fun" Attacks

§ Incident Handling

§ Common types of incidents

§ Abnormal and suspicious activity

§ Generally accepted guidelines for confiscating equipment, software,

and data

§ Generally accepted guidelines for incident data integrity and retention

§ Generally accepted guidelines for reporting incidents

§ Ethics

§ (ISC2)TM Code of Ethics

§ Request for Comment 1087 - Internet Activity Board "Ethics and the

Internet"