Knowledge ID: K1115

Knowledge of Chain of Custody (CoC) processes and procedures

Work roles with this Knowledge

  • Digital Forensics

    NICE Framework ID: PD-WRL-002

    Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.

  • Insider Threat Analysis

    NICE Framework ID: PD-WRL-005

    Responsible for identifying and assessing the capabilities and activities of cybersecurity insider threats; produces findings to help initialize and support law enforcement and counterintelligence activities and investigations.

  • Cybercrime Investigation

    Category: Investigation
    NICE Framework ID: IN-WRL-001

    Responsible for investigating cyberspace intrusion incidents and crimes. Applies tactics, techniques, and procedures for a full range of investigative tools and processes and appropriately balances the benefits of prosecution versus intelligence gathering.

  • Digital Evidence Analysis

    Category: Investigation
    NICE Framework ID: IN-WRL-002

    Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.