This course wilt enable you to take your system-based forensic knowledge onto the wire, incorporate network evidence into your investigations, provide better findings, and get the job done faster.It is exceedingly rare to work any forensic investigation that doesn't have a network component. Endpoint forensics will always be a critical and foundational skill for this career, but overlooking network communications is akin to ignoring security camera footage of a crime as it was committed. Whether you handle an intrusion incident, data theft case, employee misuse scenario, or are engaged in proactive adversary discovery, the network often provides an unparalleled view of the incident. Its evidence can provide the proof necessary to show intent, uncover attackers that have been active for months or longer, or even prove useful in definitively proving a crime actually occurred.
展开▼
机译:本课程将使您能够将基于系统的法证知识带到网络上,将网络证据纳入您的调查中,提供更好的发现,并更快地完成工作。 r n进行任何无法进行的法证调查极为罕见。具有网络组件。端点取证一直是该职业的关键和基础技能,但是忽略网络通信类似于忽略犯罪时使用的安全摄像机镜头。无论您是处理入侵事件,数据失窃案,员工滥用情况还是参与主动的对手发现,网络通常都可以提供无与伦比的事件视图。它的证据可以提供必要的证据,以表明意图,发现已经活动了几个月或更长时间的攻击者,甚至可以证明对确定实际发生的犯罪有用。
展开▼