0 évaluation0% ont trouvé ce document utile (0 vote)
43 vues66 pages
OWASP AppSec Seattle 2006 5 Standard Incident Response and Forensics Capture volatile data Processes Ports and network connections Memory dumps Logged in users Perhaps capture some non-volatile data Event logs file listing and timestamps Shutdown system Make forensic image Analyze image with forensic tools Check for known malicious software Examine deleted files Carve files based on headers
OWASP AppSec Seattle 2006 5 Standard Incident Response and Forensics Capture volatile data Processes Ports and network connections Memory dumps Logged in users Perhaps capture some non-volat…