CISSP 2013 Domain: Legal, Regulations, Investigations, and Compliance

Target Audience
Expected Duration
Lesson Objectives
Course Number

Computer crime is a major area of concern for everyone from the standard end user to the enterprise environment. Government agencies and corporate groups have come together to create rules and laws that deal with computer crimes and how perpetrators should be dealt with. This course brings together different aspects of computer crime, such as types of crime, laws to deal with crimes, and the ethics that must be used when investigating crime. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC2) for its Certified Information Systems Security Professional (CISSP) certification. The CISSP credential certifies student expertise in ten different knowledge domains and covers the most recent key areas of knowledge as outlined in the Candidate Information Bulletin (CIB) effective date: January 1, 2012.

Target Audience
Mid- and senior-level managers who are working toward or have already attained positions as CISOs, CSOs, or Senior Security Engineers

Expected Duration (hours)

Lesson Objectives

CISSP 2013 Domain: Legal, Regulations, Investigations, and Compliance

  • distinguish between the major categories of computer crime
  • match examples of categories of computer crime to their descriptions
  • recognize the characteristics of various computer-related crimes
  • match the type of intellectual property law that applies to a given scenario
  • match categories of law to their descriptions
  • identify laws related to information security and privacy
  • categorize laws according to the computer crime they protect against
  • determine what type of computer crime has been committed in a given scenario
  • specify the law that protects against a computer crime in a given scenario
  • identify definitions of due care and due diligence
  • recognize the characteristics of computer crime investigations
  • recognize the investigative considerations involved in dealing with computer crime
  • differentiate between ethics and ethical fallacies
  • determine the appropriate processes for investigating a computer-related crime in a given scenario
  • Course Number: