Peraturan It Audit & Kebutuhan IT Forensics

Peraturan dan Standar Yang Biasa Dipakai pada IT Audit :

1. ISO / IEC 17799 and BS7799
2. Control Objectives for Information and related Technology (CobiT)
3. ISO TR 13335
4. IT Baseline Protection Manual
5. ITSEC / Common Criteria
6. Federal Information Processing Standard 140-1/2 (FIPS 140-1/2)
7. The “Sicheres Internet” Task Force [Task Force Sicheres Internet]
8. The quality seal and product audit scheme operated by the Schleswig-Holstein Independent State Centre for Data Privacy Protection (ULD)
9. ISO 9000

Kebutuhan IT Forensics :

● Hardware:
– Harddisk IDE & SCSI kapasitas sangat besar, CD-R, DVR drives
– Memori yang besar (1-2GB RAM)
– Hub, Switch, keperluan LAN
– Legacy hardware (8088s, Amiga, …)
– Laptop forensic workstations
● Software
– Viewers
– Erase/Unerase tools: Diskscrub/Norton utilities)
– Hash utility (MD5, SHA1)
– Text search utilities
– Drive imaging utilities (Ghost, Snapback, Safeback,…)
– Forensic toolkits
● Unix/Linux: TCT The Coroners Toolkit/ForensiX
● Windows: Forensic Toolkit
– Disk editors (Winhex,…)
– Forensic acquisition tools (DriveSpy, EnCase, Safeback, SnapCopy,…)
– Write-blocking tools untuk memproteksi bukti-bukti