1 Pertemuan 26 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

Slides:



Advertisements
Similar presentations
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Advertisements

OC RIMS Cyber Safety & Security Incident Response.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
1 Pertemuan 25 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
1 Pertemuan 10 Membuat dan mengelola resiko dan kriminalitas sistem informasi Matakuliah: H0472 / Konsep Sistem Informasi Tahun: 2006 Versi: 1.
1 Pertemuan 14 Understanding Interactive Communication Matakuliah: J0324/Sistem e-Bisnis Tahun: 2005 Versi: 02/02.
Computer Security and Risks 11.  2001 Prentice Hall11.2 Chapter Outline On-line Outlaws: Computer Crime Computer Security: Reducing Risks Security, Privacy,
Security, Privacy, and Ethics Online Computer Crimes.
1 Pertemuan 7 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 23 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 21 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 7 Internal Control System Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
1 Pertemuan 17 Audit Performance Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
1 Pertemuan 6 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 05 Firewall Matakuliah: H0451/Praktikum Jaringan Komputer Tahun: 2006 Versi: 1/0.
1 Pertemuan 11 & 12 The Internet and the New Information Technology Infrastructure Matakuliah: J0454 / Sistem Informasi Manajemen Tahun: 2006 Versi: 1.
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 Pertemuan 25 Managing The Effectiveness of The Audit Department Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.
1 Pertemuan 12 Strategi dan Implementasi e-Bisnis Matakuliah: H0292 / E-Business Tahun: 2005 Versi: v0 / Revisi 1.
1 Pertemuan 3 Information at Risk Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 19 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 4 Auditing Standards and Responsibilities Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
1 Pertemuan 5 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 8 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 10 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Computer Fraud Pertemuan XVIII Matakuliah: F0184/Audit atas Kecurangan Tahun: 2007.
1 Pertemuan 19 Audit Reporting Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
1 Pertemuan 17 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 24 Managing The Effectiveness of The Audit Department Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Pertemuan 02 Aspek dasar keamanan Jaringan dan ketentuan baku OSI
1 Pertemuan 12 Software Protection Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 5 Internal Control System Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Computer Forensics Mr.PRAWEE PROMPONMUANG M.Sc(Forensic Science) NO
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
1 Pertemuan 10 Understanding Computers Security Matakuliah: J0282 / Pengantar Teknologi Informasi Tahun: 2005 Versi: 02/02.
Chapter 11 Security and Privacy: Computers and the Internet.
General Awareness Training
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.
TITLE : E-SAFETY NAME : ABDUL HAFIQ ISKANDAR BIN ROZLAN PROGRAM : SR221 NO.STUDENT :
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Liam Bradford.
Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.
Information Systems Security Operational Control for Information Security.
Computer Forensics Principles and Practices
Viruses Hackers Backups Stuxnet Portfolio Computer viruses are small programs or scripts that can negatively affect the health of your computer. A.
1 Pertemuan 03 Ancaman dan Serangan Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 Pertemuan 10 Software Protection Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
Internet Safety Internet Safety LPM
Teacher Rooming Equipment Rules / Expectations Login / Passwords Technical Issues Homework Printing.
Computer Forensics Presented By:  Anam Sattar  Anum Ijaz  Tayyaba Shaffqat  Daniyal Qadeer Butt  Usman Rashid.
INFORMATION TECHNOLOGY IN A GLOBAL SOCIETY: SECURITY Taylor Moncrief.
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
CONTROLLING INFORMATION SYSTEMS
1 Pertemuan 22 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
1 Pertemuan 8 Internal Control System Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
DATA PROTECTION 2003 THEORY AND PRACTICE OF HANDLING WITH THE COMPUTER CRIME IN THE REPUBLIC OF MACEDONIA Belgrad.
1 Pertemuan 9 Software Protection Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
ONLINE COURSES - SIFS FORENSIC SCIENCE PROGRAMME - 2 Our online course instructors are working professionals handling real-life cases related to various.
Safety & Security By Kieran Bolko. Laws The main law that you should be taking note of is the Data Protection Act 1998 – this law sets rules for the electronic.
Security, Ethics and the Law. Vocabulary Terms Copyright laws -software cannot be copied or sold without the software company’s permission. Copyright.
Computer Forensics. OVERVIEW OF SEMINAR Introduction Introduction Defining Cyber Crime Defining Cyber Crime Cyber Crime Cyber Crime Cyber Crime As Global.
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
Common Methods Used to Commit Computer Crimes
Pertemuan 16 Security Policies
SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12
Introduction to Digital Forensics
Presentation transcript:

1 Pertemuan 26 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1

2 Learning Outcomes Pada akhir pertemuan ini, diharapkan mahasiswa akan mampu : Mahasiswa dapat menunjukkan hubungan antara Contingency planning dan crisis management

3 Outline Materi Forensics –Chains of Evidence –Evidence

4 Forensics Chains of Evidence Evidence

5 Chains of Evidence Contrary to popular perception,most e- business and information security crimes and abuses that are reported today are internally inspired and range from theft of information to sabotage.

6 As a result, the work of the computer forensics expert is a far more complex operation than most people appreciate.

7 Computer forensics enables the systematic and careful identification of evidence in computer-related crime and abuse cases.

8 This may range from tracing the tracks of a hacker through an organisation’s IT systems,to tracing the originator of apparently anonymous defamatory s, to recovery evidence of fraud.

9 But, as with any investigation, it is vital to know where to look to find the evidence required and how not to destroy that very evidence in the process.

10 This requires skill, knowledge and a lot of experience – especially as all forensic investigations must respect the laws governing the rights of the individual in each country and must always be handled with sensitivity.

11 A computer forensics investigation can reveal practically everything, from the character of the user, to their interests, activities,financial health, acquaintances and more.

12 It is all there to be recovered from applications, systems, Internet browsers and free space.

13 Their life, outlook, intelligence and interactions are held – as individual as any fingerprint – on the computer they use.

14 There is no limit to the accountability that can be uncovered: private business transactions,communications with accomplices, fraud indicators and much more are frequently mined from systems.

15 Attempts to hide or erase this evidence are often unsuccessful, and a ‘golden nugget’ that proves a crime can be unearthed by an expert.

16 The evidence that a forensics investigation will seek uncover will vary; but activity such as Internet abuse during working hours is a good example of a well-known business problem.

17 Industrial espionage is also still a problem, and the discovery of ‘key loggers’ is increasing with improved user awareness.

18 A small hardware device or software utility such as this can easily be installed and go unnoticed.

19 Gathering The Evidence The process of gathering evidence requires proper incident management training.

20 Investigators must follow the correct procedures or the evidence may be compromised and become inadmissible.

21 There is also an array of pitfalls to be avoided when attempting to secure reliable evidence: it must not be damaged, destroyed or compromised in any way, and steps must be taken to ensure that the investigation: –Does not change any of the time and date stamps of files –Does not change the contents of the data itself –Maintains a complete and comprehensive audit trial of the steps taken –Understands what operations the computer performs when it is turned on or off

22 Computer forensics is a growing area that is earning increasingly wide recognition; and as systems and networks increase in complexity, it is becoming more and more specialised.

23 It is also the area for specialist companies who have the resources, knowledge and experience to rally make a difference.

24 It is also important to remember that it is only possible to uncover what is actualy there.

25 This may seem like an obvious point to make, but computer forensics cannot promise or perform miracles, and the most obvious piece of evidence, such as a letter written to an accomplice, logging dates, times and transactions, found in the free space on a disk is a highly unusual occurrence.

26 A really good forensics team can tell, in an instant, whether a business has good grounds for further investigation or not.

27 They will know from their initial examination whether something looks wrong and out of place.

28 Such a decision can often save a company many thousands of pounds and a lot of wasted time.

29 As the discipline develops, forensics is spreading into whole new areas.

30 Specialist teams are not only being tasked with handling criminal incidents but also with developing and implementing blocking, prevention and tracking techniques in companies and throughout organisations.

31 But the fact is that most hacking cases are not pursued as far as they should be – companies simply rebuild their systems and get on with business, due to fear of the expense and loss of time that prosecution might involve.

32 Forensic specialist are increasingly advising on the viability of potential courses of action, and are increasingly being called upon to help pinpoint sources of danger and devise procedures that prevent repeat attacks.

33 Theft of company information and intellectual property is still the largest area of corporate crime,and computer forensics is certain to grow in importance as the volume of e-commerce transactions increases and as access to company networks and corporate information needs to be more reliably protected and ever- more tightly controlled.

34 The End