Network Forensics (2020)

From CyberEdWiki
Revision as of 19:36, 15 July 2019 by GeralynUH (talk | contribs)

The intent of the Network Forensics Knowledge Unit is to provide students with the ability to apply forensics techniques to investigate and analyze network traffic.


To complete this KU, students should be able to:

  1. Describe the methodologies used in network forensics.
  2. Analyze and decipher network traffic, identify anomalous or malicious activity, and provide a summary of the effects on the system.


  1. Packet Capture and Analysis (Wi-Fi, LAN)
  2. Intrusion Detection and Prevention
  3. Interlacing of device and network forensics
  4. Log-file Analysis
  5. Forensic Imaging and Analysis
  6. (must include hands-on activities)


NICE Framework Categories

CSEC 2017 Categories

Specialization Areas

See also

Related Knowledge Units

Further reading

Suggested textbooks

Davidoff, S. and Ham, J., 2012. Network Forensics: Tracking Hackers through Cyberspace. Upper Saddle River: Prentice Hall.

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials


Reference ID