Security News:

Not only must security professionals be skilled in many areas of security execution, they must be prepared to assist companies in bringing wrongdoers to justice. To do this, security professionals must be knowledgeable on laws pertaining to privacy, civil and criminal activity. This encompasses understanding the issues of investigating computer crimes, the role of forensics, types of evidence and how to ensure that companies are compliant to applicable laws. Above all, security professionals must be prepared to apply prudent judgment, often in tense situations, so that appropriate decisions will be made. This domain of the CISSP Common Body of Knowledge covers the following topics:

• Professional ethics: Ethics as they pertain to security professionals and best practices
• Cyberlaw and crimes: Types of computer crimes, and the laws and acts put into effect to fight computer crime
• Motives and profiles of attackers: Attack profiles, types and objectives
• Incident handling and investigation techniques: Computer crime investigation procedures, including types of evidence and handling procedures