Requirements for collection and preservation of cybersecurity incident evidence
- Contributors
-
Jooyoung Lee, Moon Dae Sung
- Year
- 2020
- Standard Body
- ITU
- Standard No.
- X.1216
- Source Link
-
https://www.itu.int/rec/T-REC-X.1216-202009-I
- Project Code
-
20HR1300, Development of Cyber Self Mutation Technologies for Proactive Cyber Defence,
Moon Dae Sung
- Abstract
- Recommendation ITU-T X.1216 describes a general procedure for cybersecurity incident response and investigation. It also analyses sources of cybersecurity incident evidence and specifies capability requirements for tools used for collection and preservation of such evidence in an investigative process. This Recommendation also specifies reliability assurance requirements for these tools as guidelines to developers who design tools for such purpose.