Network forensics is an evolution of typical digital forensics, in which evidence is gathered from network traffic in near real time. This book will help security and forensics professionals as well as network administrators build a solid foundation of processes and controls to identify incidents and gather evidence from the network. Forensic scientists and investigators are some of the fastest growing jobs in the United States with over 70, 000 individuals employed in 2008. Specifically in the area of cybercrime and digital forensics, the federal government is conducting a talent search for 10, 000 qualified specialists. Almost every technology company has developed or is developing a cloud computing strategy. To cut costs, many companies are moving toward network-based applications like SalesForce.com, PeopleSoft, and HR Direct. Every day, we are moving companiesa proprietary data into a cloud, which can be hosted anywhere in the world. These companies need to understand how to identify where their data is going and what they are sending. Key network forensics skills and tools are discussed-for example, capturing network traffic, using Snort for network-based forensics, using NetWitness Investigator for network traffic analysis, and deciphering TCP/IP. The current and future states of network forensics analysis tools are addressed. The admissibility of network-based traffic is covered as well as the typical life cycle of a network forensics investigation.A Forensic Evidence Guide for Moving Targets and Data Clint P Garrison. ai FIGURE8.15 Distributed installer initial screen witha sample architecture diagram ai FIGURE8.16 Distributed installer initial screen witha sample architectureanbsp;...
|Title||:||Digital Forensics for Network, Internet, and Cloud Computing|
|Author||:||Clint P Garrison|
|Publisher||:||Syngress - 2010-07-02|