Network Forensics (2019)

From CyberEdWiki

The intent of the Network Forensics Knowledge Unit is to provide students with the ability to apply forensics techniques to investigate and analyze network traffic.


To complete this KU, students should be able to:

  1. Describe the methodologies used in network forensics.
  2. Analyze and decipher network traffic, identify anomalous or malicious activity, and provide a summary of the effects on the system.


  1. Packet Capture and Analysis (Wi-Fi, LAN)
  2. Intrusion Detection and Prevention
  3. Interlacing of device and network forensics
  4. Log-file Analysis
  5. Forensic Imaging and Analysis
  6. (must include hands-on activities)


Specialization Areas

See also

Related Knowledge Units

Further reading

Suggested textbooks

Davidoff, S. and Ham, J., 2012. Network Forensics: Tracking Hackers through Cyberspace. Upper Saddle River: Prentice Hall.

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials


Reference ID