Forensic Readiness Checklist

The document is a digital forensics readiness checklist that provides questions for organizations to assess their preparedness. It covers areas like policy and procedures, legal and regulatory compliance, public relations, incident response, asset inventory, auditing and logging, infrastructure, training, and logistics. The checklist contains over 100 questions across these categories and provides a maturity scale of 0 to 5 to evaluate an organization's capabilities in each area.

Uploaded by

damtek

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

100% found this document useful (2 votes)

904 views2 pages

Forensic Readiness Checklist

Uploaded by

damtek

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 2

Digital Forensics Readiness Checklist

WareOnEarth Communications, Inc.

(703) 517.1327 E-mail: [email protected]
www.wareonearth.com/resources_forensics.html

DigitalForensicsReadinessChecklist
Rateyourselfagainstthesefundamentalreadinesssteps.Howpreparedareyou?
Policy&ProcedureReview
[]2 Doesyouracceptableusepolicysetexpectationsforausersexpectationofprivacy?
[]2 Haveyouestablishedastanceregardingpursuingcriminalprosecutionagainstoffenders?
[]3 Areallchangestocriticalsystemsformallydocumented?
[]3 Arewarningbannersusedonallcriticalsystemsindicatingunauthorizedusecanbemonitored?
[]3 Hastheprocedureforhandlingevidenceandconductinganinvestigationbeenclearlydefinedand
implemented?
[]3 Haveyouclearlydefinedwhatapprovalsareneededbeforeinvestigatorscanstartgatheringevidenceabout
anemployee?
[]3 Haveyouestablishedanescalationpathandapprovalsthatincludesoffhourssupport?
[]3 Haveproceduresbeenestablishedtogatherevidenceforapotentialfutureinvestigationwheneveran
employeeisdismissed?
[]3 Isitstandardproceduretoforensicallywipeallmediausedinaninvestigationbeforeitisreused?
[]3 Hasapolicybeendefinedforhowlonginvestigativedatawillberetained?
Legal&Regulatory
[]1 Areyourlegalstafffamiliarwithdatabreachlawsandapplicableregulationsrelatedtoinformationsecurity?
[]3 Hasthelegaldepartmentbeenformallyincludedintheinvestigationescalationpath?
[]3 Haveyouaccountedforrequirementstoreportpotentialdatabreachestoregulatorsinyourincident
handlingprocedures?
[]3 Hasitbeendocumentedwhoneedstobenotifiedintheeventofadatabreach,includinggoverningbodies,
partners,customers,andemployees?
[]3 HavelocalrequirementsforinvestigatorstoobtainPrivateInvestigatorlicensinginsomestatesbeen
researchedandaddressed?
PublicRelations&Messaging
[]2 Haveyoudefinedwhoneedstorevieworapprovepublicstatementsormessagestocustomers?
[]3 Doyouhaveaplantogetinformationtocustomersinanemergency?
IncidentTracking&RiskDecisions
[]2 Haveyouestablishedcriteriaforclosinganincident?
[]4 Aremetricscapturedfortrackingthenumberofeventsvs.incidents?
[]4 Arethereguidelinestodeterminewhenamalwareinfectionisworthinvestigatingversusfixing?
[]4 Haveyouimplementedanincidenttrackingsystemtoreportonthenumber,type,anddurationofsecurity
incidents?
GeographicRequirements
[]2 Isyourstafftrainedinremoteofficestogatherevidenceandsenditbackforanalysis?
[]3 Haveyouresearchedanddocumentedtheapplicableinternationallawsthatmayconstrainaninvestigation?
EnterpriseDocumentationReview
[]3 HaveyoudocumentedwhatIPspaceyouuseinternallyandexternally?
[]3 HaveyoudocumentedwhatIPspaceyourcustomersandpartnersuse?
[]3 IsaDHCPhistorystoredonthenetworkandmaintainedaccordingtotheretentionpolicy?
[]3 WhereNATisbeingusedinthenetwork,areaddresstranslationlogsavailablemaintainedaccordingtothe
retentionpolicy?

WareOnEarth Communications, Inc. 1 of 2

Digital Forensics Readiness Checklist
WareOnEarth Communications, Inc.
(703) 517.1327 E-mail: [email protected]
www.wareonearth.com/resources_forensics.html

AssetInventory&Profiling
[]2 Haveyoutestedyourforensictoolswithanynonstandardhardwaresuchastablets?Whataboutanon
standardOSlikeIRIX?
[]3 Doyouhavestandardbuildsorimagesforstagingsystems?
[]3 Doyouhaveaninventoryoryourassetsandsoftware?
[]4 Doyouhavehashdatabasesofknowngoodsoftwareusedinyourcompany?
[]4 Doyouhavecryptographichashesofsystemimagesorcoresystemfiles?
[]4 Haveyourassetsbeenratedintermsofcriticalityorrisksensitivitytotheorganization?
[]4 Haveyouestablishedsystemandnetworkbaselinesofnormalconfigurationsandactivity?
InformationGatheringPoints
[]1 Isanetworksnifferinplaceoravailableforcentralaggregationpoints?
[]2 Havepossiblenetworkspanportsbeenidentified?
[]2 Haveyoutestedyourforensictoolswithyourdiskencryptionsoftware?
[]2 AreyoumonitoringalloutboundtraffictotheInternet?
[]3 Haveyouestablishednetworkmonitoringpointsthatcanviewunencryptedtraffic?
Auditing&LoggingReview
[]2 Haveyouverifiedthathistoricalemailmessagesandmailboxescanberetrieved/searchedondemand?
[]3 Haveyouverifiedthatsecurityrelatedeventsarebeingcapturedonallcriticalsystems?
[]3 Haveyouconfiguredallcriticalsystemstosynchronizetheirtimewithatrustedsource?
[]3 Haveyouimplementedacentralloggingsystemforallcriticalsystems?
[]3 Doespolicyrequirelogentriestobekeptforaminimumofthreemonths?
[]3 Arelogentrieswrittentoprotectedmediaandcryptographicallyhashed?
Infrastructure&Tools
[]1 DoyouhavemobileUSBstoragedevicesbigenoughtostorelargeserverimages(700G1T)?
[]2 Doesyourmobiletoolkitincludeknowngoodbinariesandtoolsforalloperatingsystemsused?
[]3 Haveyouestablished,properlysegmented,andtestedavirtualenvironmentforanalyzingpotential
malware?
[]4 Isthereasecurestorageareaforevidencewithproperaccesscontrolsandauditing?
Training&Education
[]3 Hasyourtechnicalsupportstaff,suchashelpdeskpersonnel,beentrainedtoidentifyanincidentandreport
it?
[]4 Isyourinvestigativestaffcertifiedbyanindustryacceptedbodyindigitalforensicwork?
[]4 Doyouhaveatrainingplantohelpyourstaffstaycurrentontechnologiesandtechniquesbetween
investigations?
OtherLogistics
[]1 Canyourconferencebridgesupportmorethan20parties?
[]3 HaveyouestablishedanemergencycontactlistforthirdpartyproviderssuchasISPs,andmanagedservice
providers?
[]3 Havecontactsbeenestablishedwithlocalandfederallawenforcementinadvance?
[]4 Doyouhaveathirdpartyinvestigationserviceonretainerincaseaninvestigationrequiresseveralweeksof
work,advancedskills,orextendedworkoutsideyourhomegeography?
Usethematurityscaletodetermineifyouhavemettheallrequirementsforthatlevel(level4shouldbe
thegoalformostorganizations):
0Nonexistent|1Initial/adhoc|2Repeatablebutintuitive|3Definedprocess|4Managedandmeasurable|5Optimized

WareOnEarth Communications, Inc. 2 of 2

Privacy Program Management - IAPP
100% (1)
Privacy Program Management - IAPP
362 pages
Honeywell Interview Questions
No ratings yet
Honeywell Interview Questions
6 pages
CISA Task Statements
100% (1)
CISA Task Statements
3 pages
Chapter 1 CISA
No ratings yet
Chapter 1 CISA
56 pages
Cybersecurity Standards for SMEs
No ratings yet
Cybersecurity Standards for SMEs
25 pages
AI-Powered Contract Review Tool
100% (1)
AI-Powered Contract Review Tool
10 pages
FFIEC ITBooklet InformationSecurity
No ratings yet
FFIEC ITBooklet InformationSecurity
98 pages
Z Sap BW Note Analyzer
No ratings yet
Z Sap BW Note Analyzer
178 pages
Angular 4 0 A Complete Study Guide
100% (1)
Angular 4 0 A Complete Study Guide
144 pages
AI and Changing Legal Industry
No ratings yet
AI and Changing Legal Industry
10 pages
Data Collection
No ratings yet
Data Collection
44 pages
Evaluation of Threat Modeling Methodologies
No ratings yet
Evaluation of Threat Modeling Methodologies
90 pages
LegaLogic DPDP Act 2023 28 08 2023
No ratings yet
LegaLogic DPDP Act 2023 28 08 2023
50 pages
CERT-IN Auditor - Guidelines
No ratings yet
CERT-IN Auditor - Guidelines
6 pages
Prudential Practice Guide CPG 234 Management of Security Risk May 2013
No ratings yet
Prudential Practice Guide CPG 234 Management of Security Risk May 2013
29 pages
ISO 17799 Audit Sample
No ratings yet
ISO 17799 Audit Sample
17 pages
Fisma Assignement (Template)
No ratings yet
Fisma Assignement (Template)
3 pages
CISO Certification Course
No ratings yet
CISO Certification Course
12 pages
Ethics in Cybersecurity
100% (1)
Ethics in Cybersecurity
18 pages
Cyber Framework
No ratings yet
Cyber Framework
129 pages
IASME Governance Question Set (Including Cyber Essentials) - v11c October 2020
No ratings yet
IASME Governance Question Set (Including Cyber Essentials) - v11c October 2020
98 pages
VMware & NetApp Audit Program Guide
No ratings yet
VMware & NetApp Audit Program Guide
9 pages
Vulnerability Management
No ratings yet
Vulnerability Management
6 pages
Cyber Check Manual Version 3.0
No ratings yet
Cyber Check Manual Version 3.0
316 pages
Compliance Audit
No ratings yet
Compliance Audit
22 pages
Data Security Audit Checklist 1717633331
No ratings yet
Data Security Audit Checklist 1717633331
4 pages
PCI Slides Merged
No ratings yet
PCI Slides Merged
161 pages
Service Organization Controls - SOC
No ratings yet
Service Organization Controls - SOC
3 pages
Effectively Using Soc 1, Soc 2, and SOC 3 Reports For Increased Assurance Over Outsourced Operations
No ratings yet
Effectively Using Soc 1, Soc 2, and SOC 3 Reports For Increased Assurance Over Outsourced Operations
20 pages
Ransomware Response Guide
No ratings yet
Ransomware Response Guide
12 pages
2020-08-10 Final Report Inshared SOC2 Type 1
No ratings yet
2020-08-10 Final Report Inshared SOC2 Type 1
229 pages
Security Auditing Essentials
No ratings yet
Security Auditing Essentials
7 pages
Auditing Identity&access MGMT 2021
No ratings yet
Auditing Identity&access MGMT 2021
22 pages
ISO27k Guideline On ISMS Audit v1
No ratings yet
ISO27k Guideline On ISMS Audit v1
35 pages
Forensics in Industrial Control System: A Case Study: Abstract
No ratings yet
Forensics in Industrial Control System: A Case Study: Abstract
10 pages
SOC 1: Essential for Financial Audits
No ratings yet
SOC 1: Essential for Financial Audits
2 pages
DORA Dry Run Summary Workshop - Final
No ratings yet
DORA Dry Run Summary Workshop - Final
29 pages
PCIDSS Compliance Requirement Checklist 2020
No ratings yet
PCIDSS Compliance Requirement Checklist 2020
6 pages
Identity Access Management For RSA Archer Based On RSA Identity Governance Lifecycle
No ratings yet
Identity Access Management For RSA Archer Based On RSA Identity Governance Lifecycle
37 pages
Use-of-artificial-Intelligence-policy 2
No ratings yet
Use-of-artificial-Intelligence-policy 2
3 pages
Project Proposal Template
No ratings yet
Project Proposal Template
4 pages
IT Auditing Using Controls To Protect Information Assets 3rd Edition Mike Kegerreis - Ebook PDF PDF Download
No ratings yet
IT Auditing Using Controls To Protect Information Assets 3rd Edition Mike Kegerreis - Ebook PDF PDF Download
80 pages
Access Control Policy Guide
No ratings yet
Access Control Policy Guide
14 pages
Writing Secure Code
No ratings yet
Writing Secure Code
18 pages
Lec 03 - Defensible - Security.architecture - 30th March 2024
No ratings yet
Lec 03 - Defensible - Security.architecture - 30th March 2024
61 pages
Iso 27
No ratings yet
Iso 27
38 pages
NIST SP 800-66 HIPAA Guide
No ratings yet
NIST SP 800-66 HIPAA Guide
117 pages
Third Party Data Security Assurance Questionnaire
No ratings yet
Third Party Data Security Assurance Questionnaire
12 pages
AuditScripts CIS Controls Master Mappings V7.1a
No ratings yet
AuditScripts CIS Controls Master Mappings V7.1a
3,370 pages
Assignment of Digital Forensics
No ratings yet
Assignment of Digital Forensics
10 pages
GDPR Compliance Checklist ProjectManager FD CM
No ratings yet
GDPR Compliance Checklist ProjectManager FD CM
12 pages
NIS2 Directive Readiness Compliance, Challenges and Recommendations
No ratings yet
NIS2 Directive Readiness Compliance, Challenges and Recommendations
1 page
Gartner Database Activity Monitoring Is Evolving Into Database Audit and Protection
No ratings yet
Gartner Database Activity Monitoring Is Evolving Into Database Audit and Protection
4 pages
Draft RTS on ICT Risk Management Under DORA
No ratings yet
Draft RTS on ICT Risk Management Under DORA
87 pages
Differentiating Between Access Control Terms
No ratings yet
Differentiating Between Access Control Terms
12 pages
PCI DSS Compliance on AWS Guide
No ratings yet
PCI DSS Compliance on AWS Guide
5 pages
Grammarly SOC 3 Report FY23
No ratings yet
Grammarly SOC 3 Report FY23
32 pages
Audit Framework Under Information System and Cyber Security Regulations
No ratings yet
Audit Framework Under Information System and Cyber Security Regulations
16 pages
Acceptable Usage Policy
No ratings yet
Acceptable Usage Policy
14 pages
Digital Forensics Analysis and Validation
No ratings yet
Digital Forensics Analysis and Validation
21 pages
DF Unit 2 Presentation
No ratings yet
DF Unit 2 Presentation
9 pages
Forensic Readiness Presentation
No ratings yet
Forensic Readiness Presentation
13 pages
DF 2
No ratings yet
DF 2
5 pages
Detection and Forensics On DNS Tunelling
No ratings yet
Detection and Forensics On DNS Tunelling
44 pages
Implementation Framework-Cyber Threat Prioritization
No ratings yet
Implementation Framework-Cyber Threat Prioritization
8 pages
Cognizant Maze Attack IOC's
No ratings yet
Cognizant Maze Attack IOC's
3 pages
Title: Informative Note
No ratings yet
Title: Informative Note
4 pages
Edp Attacked Through Ragnarlocker: Nota Informativa
No ratings yet
Edp Attacked Through Ragnarlocker: Nota Informativa
4 pages
COBIT 5 Syllabus v3.1 PDF
No ratings yet
COBIT 5 Syllabus v3.1 PDF
15 pages
Proxmox Mail Gateway 6.2 Datasheet
No ratings yet
Proxmox Mail Gateway 6.2 Datasheet
4 pages
Key Functionalities of A Modern Cyber Threat Intelligence Program - Jerry Caponera
No ratings yet
Key Functionalities of A Modern Cyber Threat Intelligence Program - Jerry Caponera
21 pages
DNS Cache Snooping
No ratings yet
DNS Cache Snooping
12 pages
1771 Osmocombb-27c3
No ratings yet
1771 Osmocombb-27c3
41 pages
NDX Flaigs
No ratings yet
NDX Flaigs
38 pages
Computer Forensics Processing Checklist PDF
No ratings yet
Computer Forensics Processing Checklist PDF
6 pages
Certified ETL Testing Professional
No ratings yet
Certified ETL Testing Professional
6 pages
The Development Stage: Questions
No ratings yet
The Development Stage: Questions
3 pages
Dell™ Latitude™ E5510 Discrete Service Manual: Notes, Cautions, and Warnings
No ratings yet
Dell™ Latitude™ E5510 Discrete Service Manual: Notes, Cautions, and Warnings
76 pages
Parallel Algorithms of Timetable Generation
100% (1)
Parallel Algorithms of Timetable Generation
60 pages
Msinfo 32
No ratings yet
Msinfo 32
64 pages
O Codificador Limpo
0% (1)
O Codificador Limpo
8 pages
Scrolling Text For PSP Lua
No ratings yet
Scrolling Text For PSP Lua
1 page
Unbounded Solution
No ratings yet
Unbounded Solution
2 pages
PHP 5 Oop
100% (50)
PHP 5 Oop
60 pages
JSF Bean Scope Selection Guide
No ratings yet
JSF Bean Scope Selection Guide
2 pages
M2PA vs M2UA: Key Differences
No ratings yet
M2PA vs M2UA: Key Differences
2 pages
Time-Scale Analysis: Wavelets and Filter Banks 1. Analysis and Synthesis
No ratings yet
Time-Scale Analysis: Wavelets and Filter Banks 1. Analysis and Synthesis
8 pages
Signal Sampling, Quantization, Binary Encoding: Oleh Albert Sagala
No ratings yet
Signal Sampling, Quantization, Binary Encoding: Oleh Albert Sagala
46 pages
Product Perspective
No ratings yet
Product Perspective
4 pages
GRC Reporting
No ratings yet
GRC Reporting
8 pages
CS333 Software Development Lab Manual
0% (1)
CS333 Software Development Lab Manual
9 pages
6.5.1.2 Lab - Building A Switch and Router Network
No ratings yet
6.5.1.2 Lab - Building A Switch and Router Network
6 pages
Computer Architecture Essentials
No ratings yet
Computer Architecture Essentials
98 pages
ADC, DAC and SENSOR INTERFACING IN AVR MICROCONTROLLER
50% (2)
ADC, DAC and SENSOR INTERFACING IN AVR MICROCONTROLLER
17 pages
Table of Contents
No ratings yet
Table of Contents
10 pages
Hotel Basic Network Configuration - PNP
No ratings yet
Hotel Basic Network Configuration - PNP
12 pages
Python Logging Module PDF
No ratings yet
Python Logging Module PDF
17 pages
4x4 Keypad PDF
No ratings yet
4x4 Keypad PDF
8 pages
Design of An Industrial Machine Vision System For Inspection and Assembly Using Soft Computing
No ratings yet
Design of An Industrial Machine Vision System For Inspection and Assembly Using Soft Computing
10 pages
Model 204: Translate
No ratings yet
Model 204: Translate
1 page
Watershed GIS
No ratings yet
Watershed GIS
8 pages
G31T-M V1 0
100% (6)
G31T-M V1 0
52 pages

Forensic Readiness Checklist

Uploaded by

Forensic Readiness Checklist

Uploaded by

Digital Forensics Readiness Checklist

WareOnEarth Communications, Inc.

WareOnEarth Communications, Inc. 1 of 2

WareOnEarth Communications, Inc. 2 of 2

You might also like