CHAPTER 9

Network Forensics

In this chapter, you will learn how to

• Explain why we investigate network traffic; summarize network forensics concepts; and define the terms firewall, honeypot, and IDS
• List various kinds of network vulnerabilities and network attacks, and where to look for and gather evidence for wired and wireless networks
• Analyze the data: how to handle logs as evidence, and how to condense a log file
• Explain the function of log management, the legality of using logs, and combining event and log management to correlate local and remote events

I’ve been involved with IP networking and data communications for a long, long time, as both a software developer and a software and application ...

Get CHFI Computer Hacking Forensic Investigator Certification All-in-One Exam Guide now with the O’Reilly learning platform.