In this chapter, we discussed what we should have in the Jump Bag to handle a computer incident, and what kind of skills the members of the IR team require.
Also, we took a look at live response and collected Volatile and Nonvolatile information from a live system. We also discussed different tools to collect information. We also discussed when we should to use a live response approach as an alternative to traditional forensics.
In the following chapter, we will consider the issues related to Volatile data collection.