This step is significant since it has an impact in the following steps. Identification: recognizing and determining an incident based on network indicators. The following is a brief overview of each step: Identification, preservation, collection, examination, analysis, presentation and Incident Response. A generic network forensic examination includes the following steps: Network forensics is also the process of detecting intrusion patterns, focusing on attacker activity. In addition, it monitors on the network to detect attacks and analyze the nature of attackers. It tries to analyze network traffic data, which is collected from different sites and different network equipment, such as firewalls and IDS. The major goal of network forensics is to collect evidence. Network forensics is capture, recording and analysis of network packets in order to determine the source of network security attacks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |