Chapter 1, Incident Response, addresses the incident response process and how to create an incident response framework for use within an enterprise, which allows for an orderly investigation and remediation of a cyber security incident.
Chapter 2, Forensics Fundamentals, focuses on the fundamental aspects of digital forensics. This includes a brief history of digital forensics, the basic elements of forensic science, and integrating these techniques into the incident response framework.
Chapter 3, Network Evidence Collection, focuses on network-based evidence. This includes logs from network devices such as firewalls, routers, proxy servers, and other layer 2 and 3 devices. The chapter also focuses on acquiring ...