Chapter 12
Legal, Regulations, Investigations, and Compliance
In This Chapter
Understanding major categories and types of laws
Knowing the major categories of computer crime
Identifying U.S. and international laws that pertain to information security
Handling investigations, forensics, evidence, and incident response
Similar to police officers, information security professionals are expected to determine when a computer crime has occurred, secure the crime scene, and collect any evidence — to protect and to serve! In order to perform these functions effectively, the CISSP candidate must know what a computer crime is, how to conduct an investigation and collect evidence, and understand what laws may have been violated.
Furthermore, CISSP candidates are expected to be familiar with the laws and regulations that are relevant to information security throughout the world and in various industries. This could include national laws, local laws, and any laws that pertain to the types of activities performed by organizations.