Learning Network Forensics by Samir Datt

Action for the future

Once any incident is over and done with, the team needs to focus on the lessons learned. From an incident response perspective, the focus is on answering questions such as the following:

  • How did this happen?
  • What can we do to prevent it from reoccurring?
  • What preventive measures can be put into place?
  • How can monitoring and alerting be improved?

From a network forensics perspective, the additional questions to be answered include the following:

  • Which artifacts exist that can help us identify such an incident in the future?
  • What are the lessons learned?
  • How can we improve the investigation process?
  • Which indicators of compromise (IOCs) can be identified and shared with the Incident Response team to help prevent a reoccurrence of such an incident?

While ...
