CISSP study guide: Information security laws, investigations and ethics

CISSP Essentials training: Domain 8, Law, Investigations and Ethics

Not only must information security professionals be skilled in many areas of security execution, but they must also be prepared to assist companies in bringing wrongdoers to justice. To do this, security pros must be knowledgeable on laws pertaining to privacy, civil and criminal activity.

About CISSP Essentials

Discover what you need to know to ace the CISSP exam with this series of CISSP certification training lessons. Each lesson, which contains a video, domain spotlight article and a quiz with sample CISSP exam questions, corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

In this CISSP Essentials Security School lesson, Domain 8, Laws, Investigations and Ethics, expert CISSP exam trainer Shon Harris details how the issues of investigating computer crimes, the role of forensics, types of evidence and how to ensure that companies are compliant to applicable laws. Above all, security professionals must be prepared to apply prudent judgment, often in tense situations, so that appropriate decisions will be made.

Before watching the special Domain 8, Laws, Investigations and Ethics video below, it's recommended that students first read the Domain 8 spotlight article, which provides an overview of the concepts presented in the video, such as professional ethics as they pertain to security professionals and best practices; types of computer crime and the traditional laws and cyberlaws put into effect to fight computer crime; attack profiles, hacker movites and objectives; and incident handling, investigation techniques and procedures, types of evidence and evidence handling.

After watching the video, test your comprehension of this material with our Domain 8, Law, Investigations and Ethics quiz. Upon completion, return to the CISSP Essentials Security School table of contents to select your next lesson.

About Shon Harris:
Shon Harris is a CISSP, MCSE and President of Logical Security, a firm specializing in security educational and training tools. Logical Security offers curriculum, virtual labs, instructor slides and tools for lease by training companies, security companies, military organizations, government sectors and corporations.

Shon is also a security consultant, an engineer in the Air Force's Information Warfare unit, an entrepreneur and an author. She has authored two best selling CISSP books, including CISSP All-in-One Exam Guide, and was a contributing author to the book Hacker's Challenge. Shon is currently finishing her newest book, Gray Hat Hacking: The Ethical Hacker's Handbook.

CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as ISC(2).

This was first published in September 2008