CYBERSECURITY
33
- (d) the redirection of malicious data traffic towards a designated computer or computer system.
- (c) require the owner of a computer or computer system to take any action to assist with the investigation, including but not limited to—
- (i) preserving the state of the computer or computer system by not using it;
- (ii) monitoring the computer or computer system for a specified period of time;
- (iii) performing a scan of the computer or computer system to detect cybersecurity vulnerabilities and to assess the manner and extent that the computer or computer system is affected by the cybersecurity incident; and
- (iv) allowing the incident response officer to connect any equipment to the computer or computer system, or install on the computer or computer system any computer program, as is necessary for the purpose of the investigation;
- (d) after giving reasonable notice to the owner or occupier of any premises, enter those premises if the incident response officer reasonably suspects that there is within the premises a computer or computer system that is or was affected by the cybersecurity incident;
- (e) access, inspect and check the operation of a computer or computer system that the incident response officer has reasonable cause to suspect is or was affected by the cybersecurity incident, or use or cause to be used any such computer or computer system to search any data contained in or available to such computer or computer system;
- (f) perform a scan of a computer or computer system to detect cybersecurity vulnerabilities in the computer or computer system;
