A Practical Guide to Digital Forensics Investigations, 2nd Edition

Chapter 8 Network Forensics and Incident Response

Learning Outcomes

After reading this chapter, you will be able to understand the following:

The importance of network forensics;
Hardware devices that contain network logs that are valuable to a forensic examiner;
IPv4 and IPv6;
The OSI Model;
Mistakes made when investigating networks;
Windows artifacts;
Advanced persistent threats: perpetrators, vectors of attack, and indicators of compromise; and
How to investigate a network intrusion.

Network forensics is extremely important, but very few people understand it. This domain of forensics is so important because of the explosion in network breaches. The Sony PlayStation breach in 2011 alone is estimated to have cost the company $170 million ...

Get A Practical Guide to Digital Forensics Investigations, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

A Practical Guide to Digital Forensics Investigations, 2nd Edition by Darren R. Hayes

Chapter 8

Network Forensics and Incident Response

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly