This video explains how network logs are used as evidence in court.
- [Lecturer] Network logs are the records … of user activities on hosts some of which include … intrusion attempts and security events. … They are the primary sources of information … investigators use to prove a crime. … However, it's important to note that network logs … are also susceptible to attacks. … Intruders can change, delete, and add an entry … to cover their tracks. … Because of this possibility of tampering, … courts don't automatically accept network logs … as credible evidence unless they meet certain criteria. … Prosecutors are responsible for providing witnesses … to testify the integrity, reliability, and accuracy … of the logs before they become admissible to the court. … The expectation is that the custodians … of the systems generating the log files … can strongly support their authenticity. … A history of prior breaches seriously weakens … the credibility of the witnesses … and the court may even reject the log data. … Another requirement is keeping logs … as a regular business practice …
- Goals of network forensics
- Using a syslog and Microsoft Log Parser
- Investigating network traffic
- How protocol analysis works
- ARP and DNS poisoning
- Working with network forensics tools
- Using packet sniffers
Skill Level Intermediate
Learning Cryptography and Network Securitywith Lisa Bock1h 45m Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
What you should know2m 11s
1. Understanding Network Forensics
2. Preparing for a Network Forensics Investigation
3. Investigating Network Events
4. Investigating Network Traffic
5. Network Forensics Tools
Next steps1m 15s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.