Chapter 12

Legal, Regulations, Investigations, and Compliance

In This Chapter

Understanding major categories and types of laws

Knowing the major categories of computer crime

Identifying U.S. and international laws that pertain to information security

Handling investigations, forensics, evidence, and incident response

Similar to police officers, information security professionals are expected to determine when a computer crime has occurred, secure the crime scene, and collect any evidence — to protect and to serve! In order to perform these functions effectively, the CISSP candidate must know what a computer crime is, how to conduct an investigation and collect evidence, and understand what laws may have been violated.

Furthermore, CISSP candidates are expected to be familiar with the laws and regulations that are relevant to information security throughout the world and in various industries. This could include national laws, local laws, and any laws that pertain to the types of activities performed by organizations.