Describe the impact that access control methods and models have on obtaining evidence.
|
Does not describe the impact that access control methods and models have on obtaining evidence. |
Describes incompletely or inaccurately the impact that access control methods and models have on obtaining evidence. |
Describes the impact that access control methods and models have on obtaining evidence. |
Describes the impact that access control methods and models have on obtaining evidence, including the use of supporting examples. |
Describe the challenges of engaging in an investigation while protecting the due-process rights of a suspect.
|
Does not describe the challenges of engaging in an investigation while protecting the due-process rights of a suspect. |
Describes incompletely or inaccurately the challenges of engaging in an investigation while protecting the due-process rights of a suspect. |
Describes the challenges of engaging in an investigation while protecting the due-process rights of a suspect. |
Describes the challenges of engaging in an investigation while protecting the due-process rights of a suspect, including the use of supporting examples. |
Evaluate how technical and procedural controls support the ability to conduct effective investigations.
|
Does not evaluate how technical and procedural controls support the ability to conduct effective investigations. |
Evaluates incompletely or inaccurately how technical and procedural controls support the ability to conduct effective investigations. |
Evaluates how technical and procedural controls support the ability to conduct effective investigations. |
Evaluates how technical and procedural controls support the ability to conduct effective investigations, including the use of supporting examples. |
Examine the options available to an information security professional when executives choose not to report potential computer-based criminal activity.
|
Does not examine the options available to an information security professional when executives choose not to report potential computer-based criminal activity. |
Examines incompletely or inaccurately the options available to an information security professional when executives choose not to report potential computer-based criminal activity. |
Examines the options available to an information security professional when executives choose not to report potential computer-based criminal activity. |
Examines the options available to an information security professional when executives choose not to report potential computer-based criminal activity, including the use of supporting examples. |
Describe the skills and experience levels desirable in an expert forensics witness.
|
Does not describe the skills and experience levels desirable in an expert forensics witness. |
Describes incompletely or inaccurately the skills and experience levels desirable in an expert forensics witness. |
Describes the skills and experience levels desirable in an expert forensics witness. |
Describes the skills and experience levels desirable in an expert forensics witness, including the use of supporting examples. |
Discuss strategies for managing encrypted information during a forensics investigation.
|
Does not discuss strategies for managing encrypted information during a forensics investigation. |
Discusses incompletely or inaccurately strategies for managing encrypted information during a forensics investigation. |
Discusses strategies for managing encrypted information during a forensics investigation. |
Discusses strategies for managing encrypted information during a forensics investigation, including the use of supporting examples. |
Use forensics tools to reverse engineer possible malware.
|
Does not use forensics tools to reverse engineer possible malware. |
Improperly uses forensics tools to reverse engineer possible malware. |
Uses forensics tools to reverse engineer possible malware. |
Uses forensics tools to reverse engineer possible malware, including how these tools contribute to an incident investigation. |
