标准摘要
[中文适用范围]: 本国际标准基于理想化模型,为涉及数字证据的各种事件调查场景中的常见事件调查流程提供了指南。这包括从事件前准备到调查结束的流程,以及有关此类流程的任何一般建议和注意事项。指南描述了适用于各种调查的流程和原则,包括但不限于未经授权的访问、数据损坏、系统崩溃或企业信息安全漏洞,以及任何其他数字调查。总之,本国际标准概述了所有事件调查原则和流程,但并未规定本国际标准中涵盖的每个调查原则和流程的具体细节。本国际标准引用的许多其他相关国际标准提供了具体调查原则和流程的更详细内容。 [外文原描述]: ISO/IEC 27043:2015 provides guidelines based on idealized models for common incident investigation processes across various incident investigation scenarios involving digital evidence. This includes processes from pre-incident preparation through investigation closure, as well as any general advice and caveats on such processes. The guidelines describe processes and principles applicable to various kinds of investigations, including, but not limited to, unauthorized access, data corruption, system crashes, or corporate breaches of information security, as well as any other digital investigation. In summary, this International Standard provides a general overview of all incident investigation principles and processes without prescribing particular details within each of the investigation principles and processes covered in this International Standard. Many other relevant International Standards, where referenced in this International Standard, provide more detailed content of specific investigation principles and processes.
英文名称Information technology - Security techniques - Incident investigation principles and processes