También se denomina “ciencia forense informática”.
Cuando se trata de la seguridad de la información, se refiere a la aplicación
de herramientas de investigación y técnicas de análisis para recolectar
evidencia a partir de recursos informáticos a fin de determinar la causa del
riesgo de los datos.
http://es.pcisecuritystandards.org
El análisis forense es una metodología de estudio
ideal para el análisis posterior de incidentes, mediante el cual se trata de
reconstruir cómo se ha penetrado en el sistema, a la par que se valoran los
daños ocasionados. Si los daños han provocado la inoperabilidad del sistema, el
análisis se denomina análisis postmortem.
http://es.wikipedia.org/wiki/Auditor%C3%ADa_de_seguridad_de_sistemas_de_informaci%C3%B3n
The application of the
scientific method to digital media to establish factual information for
judicial review.
Scope Note: This process
often involves investigating computer systems to determine whether they are or
have been used for illegal or unauthorized activities As a discipline it
combines elements of la and have been used for illegal or unauthorized
activities. As a discipline, it combines elements of law and computer science
to collect and analyze data from information systems (e.g., personal computers,
networks, wireless communication and digital storage devices) in a way that is
admissible as evidence in a court of law.
ISACA, Cybersecurity Glossary, 2014
The process of identifying,
preserving, analyzing and presenting digital evidence in a manner that is
legally acceptable in any legal proceedings
ISACA, Cybersecurity Glossary, 2014
The process of collecting,
assessing, classifying and documenting digital evidence to assist in the
identification of an offender and the method of compromise
ISACA, Cybersecurity
Glossary, 2014
The practice of gathering,
retaining, and analyzing computer-related data for investigative purposes in a
manner that maintains the integrity of the data. [CNSSI_4009:2010]
The practice of gathering,
retaining, and analyzing computer-related data for investigative purposes in a
manner that maintains the integrity of the data. [CNSSI_4009:2010]
An accurate bit-for-bit
reproduction of the information contained on an electronic device or associated
media, whose validity and integrity has been verified using an accepted
algorithm. [CNSSI_4009:2010]
The practice of gathering,
retaining, and analyzing computer-related data for investigative purposes in a
manner that maintains the integrity of the data. [NIST-SP800-61:2004]
Also referred to as
“computer forensics.” As it relates to information security, the application of
investigative tools and analysis techniques to gather evidence from computer
resources to determine the cause of data compromises.
https://www.pcisecuritystandards.org/security_standards/glossary.php
Computer forensics is
application of the scientific method to digital media in order to establish
factual information for judicial review. This process often involves
investigating computer systems to determine whether they are or have been used
for illegal or unauthorized activities. Mostly, computer forensics experts
investigate data storage devices, either fixed like hard disks or removable
like compact disks and solid state devices. Computer
forensics experts:
·
Identify
sources of documentary or other digital evidence.
·
Preserve the evidence.
·
Analyze
the evidence. Present the findings.
Computer forensics is done
in a fashion that adheres to the standards of evidence that are admissible in a
court of law.
http://en.wikipedia.org/wiki/Computer_forensics
The intelligence resulting
from the integration of scientifically examined materials and other information
to establish full characterization, attribution, and the linkage of events,
locations, items, signatures, nefarious intent, and persons of interest. Also called FEI. [JP2-0:2013]
Également dénommé
«expertise judiciaire en informatique». S’appliquant à la sécurité des
informations, les outils d’investigation et de techniquesd’analysepermettent de
rassembler des preuves à partir des ressources informatiques afin de déterminer
la cause de la compromission des données.
http://fr.pcisecuritystandards.org/