This video defines what audit logs are and explains their significance in network forensics.
- [Instructor] Audit logs are chronological records … that provide documented evidence … of the sequence of activities … relevant to security events. … They record transactions by users, … systems, and other entities. … Audit trail is another name for audit logs. … Maintaining a strong audit trail … is critical in network forensics, … and here is why. … First, it provides accountability. … Logs tie accounts and people to security events. … Based on this information, … organizations find out who did what, … and how their system responded. … They can also take punitive or corrective actions … such as more training or education. … Next is reconstruction. … Network forensic specialists … can piece together a series of related activities … sequentially before and during … a security incident. … Anomaly detection is another benefit … because log data provides raw materials … for spotting any suspicious activities. … Linux keeps its audit trail … by maintaining a number of log files. … You can find them under the /var/log directory. …
- Goals of network forensics
- Using a syslog and Microsoft Log Parser
- Investigating network traffic
- How protocol analysis works
- ARP and DNS poisoning
- Working with network forensics tools
- Using packet sniffers
Skill Level Intermediate
Learning Cryptography and Network Securitywith Lisa Bock1h 45m Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
What you should know2m 11s
1. Understanding Network Forensics
2. Preparing for a Network Forensics Investigation
3. Investigating Network Events
4. Investigating Network Traffic
5. Network Forensics Tools
Next steps1m 15s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.