The chain of custody, also known as the chain of evidence, provides a paper trail that tracks each time someone handles a piece of physical evidence. In the case of digital forensics, this might include the original hard drive or other primary evidence collected by investigators and used for later analysis. In this video, learn how to maintain a chain of custody for electronic evidence.
- [Narrator] When evidence is used in court…or in another formal setting,…both parties involved in a dispute…have the right to ensure that the evidence presented…has not been tampered with during the collection,…analysis, or storage process.…We've already discussed how hashing can be used…to verify that digital evidence has not changed.…The chain of custody also plays an important…role in ensuring the authenticity of evidence.…The chain of custody, also known as the chain of evidence,…provides a paper trail that tracks each time…someone handles a piece of physical evidence.…
In the case of digital forensics,…this might include the original hard drive…or other primary evidence collected…by investigators and used for later analysis.…When collecting physical evidence,…the evidence should always be placed…in an evidence storage bag or other container…that is labeled with the date, time,…and location of collection,…the name of the person collecting the evidence,…and the contents of the storage bag.…It should then be sealed with a tamper-resistant seal…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Conducting investigations
- Reporting and documenting incidents
- Continuous security monitoring
- Preventing data loss and theft
- Asset management
- Change management
- Virtualization security
- Security principles: need to know, separation of duties, and more
- Building an incident response program
- Personnel safety and emergency management
Skill Level Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
1. Investigations and Forensics
2. Logging and Monitoring
Data loss prevention6m 34s
3. Resource Security
4. Security Principles
5. Incident Management
6. Personnel Safety
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.