Network forensics is the process of identifying criminal activity and the people behind the crime. It can be defined as the sniffing, recording, acquisition, and analysis of network traffic and event logs in order to investigate a network security incident. It allows an investigator to inspect network traffic and logs to identify and locate the attacking system.
Objective
The objective of this lab is to help forensic investigators understand how to sniff a network and analyze packets of the target network. The primary objectives of this lab are:

- Capturing the packets of a network
- Analyzing incoming and outgoing packets
- Identifying criminal activity and the criminal
- Filtering the network
- Capturing the network traffic
- Analyzing network traffic
- Viewing the network summary
Scenario
As an expert computer forensic investigator, you must know how to recover deleted files from digital devices found in the crime scene area and duplicate the evidence so that the original data is not tampered with.
Network Forensics, Investigating Logs and Investigating Network Traffic
Computer Forensics Exercises / Network Forensics, Investigating Logs and Investigating Network Traffic contains the following Exercises:
- Capturing and Analyzing Data Packets Using Wireshark Tool
- Analyzing a Network Using the Colasoft Capsa Network Analyzer Tool
The Virtual Private Cloud for this Lab set utilizes:
Computer Forensics Exercises are available as part of the following subscription:
Each subscription provides 6 months' access to 34 different exercises. Each exercise contains a Scenario, Objectives, and individual step-by-step tasks to guide the user through all steps necessary to complete the exercise. The Computer Forensics Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has its own Virtual Private Cloud that comes preconfigured with vulnerable websites and victim machines, and the environment is LOADED with tools. We even provide investigation files, hard disk clones and targets. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.
Lab exercises are included for:
- Computer Forensics Investigation Process
- Computer Forensics Lab
- Understanding Hard Disks and File Systems
- Windows Forensics
- Data Acquisition and Duplication
- Recovering Deleted Files and Partitions
- Forensics Investigation Using AccessData FTK
- Forensics Investigation Using EnCase
- Steganography and Image File Forensics
- Application Password Crackers
- Log Capturing and Event Correlation
- Network Forensics, Investigating Logs and Investigating Network Traffic
- Investigating Wireless Attacks
- Tracking & Investigating Email Crimes
- Mobile Forensics
- Investigative Reports