SYSTEM FORENSICS HELPS REDUCE THE OCCURRENCE of security incidents. It also helps minimize the impact of incidents that do occur. A forensic analyst examines how an attack is perpetrated and then develops controls to prevent or mitigate that form of attack. For example, the early Secure Sockets Layer (SSL) protocol safeguarded Internet sessions. However, it was vulnerable to man-in-the-middle attacks. Forensic analyses led to changes in SSL to eliminate this vulnerability.

To prevent and mitigate security incidents, an organization must establish formal incident prevention and intrusion response plans. You write these formal plans using an analytical framework. They should include incident response protocols. ...