0
2.2kviews
Give an overview of network forensics?

Subject: Digital Forensics

Topic: Network Forensics

Difficulty: Medium

1 Answer
1
30views

Network forensics is the process of collecting and analyzing raw network data and tracking network traffic systematically to ascertain how an attack was carried out or how an event occurred on a network.

  1. Being able to spot variations in network traffic can help you track intrusions, so knowing your network’s typical traffic patterns is important.

  2. Network forensics can also help you determine whether a network is truly under attack or a user has inadvertently installed an untested patch or custom program.

  3. Network forensics examiners must establish standard procedures for how to acquire data after an attack or intrusion incident.

  4. Network forensics is used to determine how a security breach occurred; however, steps must be taken to harden networks before a security breach happens.

  5. Layered network defense strategy, which sets up layers of protection to hide the most valuable data at the innermost part of the network.

  6. It also ensures that the deeper into the network an attacker gets, the more difficult access becomes and the more safeguards are in place.

  7. The National Security Agency (NSA) developed an approach, called the defense in depth (DiD) strategy.

Please log in to add an answer.