Abbreviations

Here are the abbreviations I can come up with when speaking of DFIR and Governance.

DFIR

Image / Image File = a file that is a raw copy of the original hardware (HDD, SSD, SD, USB drive etc.)

Actioncard = a short and descriptive way of approaching a problem or assignment, to make sure that everything is followed according to the expectation alignment with management.

CTF = Capture The Flag is a fun little assignment for finding the hidden treasures in the challenge.

COC = Chain of Custody is a way of documenting when evidence changes hands. Document the way evidence was handled and/or acquired.

DD = Data Duplication is another file format, from data to an image file. This is an uncompressed file format.

DFIR = Digital Forensics and Incident Response. A term that covers the majority of the defence area in IT.

E01 file = the raw data from a hard drive replicated into a file. Stands for EnCase 01 file. Data can be either uncompressed or compressed.

Forensics = A scientific way of "finding the truth" about what happened in an event.

Live Image Boot = It's a bootable drive with an image. For example Linux Caine and Paladin. They are used for acquisition of data from drives where it's hard to insert the hardware into an adapter drive or the storage media is embedded in the system.

Live triage = It's triage and data acquisition from a running system.

Playbook = a guided way of approaching a problem within the field. See Actioncard as well.

SWB = Software Writeblocker

Triage = it's a quick analysis of a system, file or event, based on the suspicion of a breach. It's seen as a pre-analysis that sets the precedence for a forensic analysis (most often).

WB = Writeblocker

Governance

BCP = Business Continuity Plan, can also be called a Contingency plan (Danish: Beredskabsplan) (https://en.wikipedia.org/wiki/Contingency_plan)

CB = certification body = the party responsible for certification, for example certification to the ISO standard (https://www.iso.org/committee/54998/x/catalogue/p/1/u/0/w/0/d/0)

CMA = Cover My Ass ;)

CMMC = Cybersecurity Maturity Model Certification (CMMC)

DOD = Department of Defense

FUD = Fear, Uncertainty, and Doubt

GRC = Governance, Risk Management and Compliance (GRC)

Risk Hunger / Hungry / Appetite = It's the level of risk an organization is willing to accept (https://en.wikipedia.org/wiki/Risk_appetite)

PCI DSS = Payment Card Industry Data Security Standards

TNO = Trust No One (https://en.wikipedia.org/wiki/Trust_no_one_(Internet_security))

ZT = Zero Trust, an extension of the above. A term for when one does not rely on trusting partners when exchanging information/data etc. One then takes one's own precautions and maintains strict access control and encryption around one's data.