Question

The Chief Information Security Officer (CISO) of an e-retailer, which has an established security department, identifies a customer who has been using a fraudulent credit card. The CISO calls the local authorities, and when they arrive on-site, the authorities ask a security engineer to create a point-in-time copy of the running database in their presence.

This is an example of:

A. creating a forensic image
B. deploying fraud monitoring
C. following a chain of custody
D. analyzing the order of volatility

Answer 1

A security engineer creating a point-in-time copy of a database for local authorities is an example of creating a forensic image. This is crucial for maintaining the integrity of potential legal evidence and adhering to the Personal Data Notification & Protection Act of 2017.

Step-by-step explanation:

When the security engineer creates a point-in-time copy of the running database in the presence of the local authorities, this is an example of creating a forensic image. This procedure is vital in ensuring that a digital facsimile of the data is preserved without altering any evidence, which may be critical for legal investigations and subsequent proceedings. This process is key to maintaining the integrity of the evidence, which must be preserved as it was at the time the crime was discovered to support the chain of custody.

The process described not only supports crime mapping and analysis by allowing law enforcement agencies to utilize such data in a geographical and forensic context but also respects the legal need for evidence preservation. The Personal Data Notification & Protection Act of 2017 specifies how sensitive personal information must be protected, and the fraudulent use of a credit card falls under the scenarios this law intends to address. It's essential for organizations to consistently update and practice their security protocols to prevent data breaches, a growing concern evidenced by high-profile incidents at major companies.