Introduction to Digital Forensics (DF) and Incident Response (IR)
Cyber Kill Chain
Phase 3: Delivery
DFIR Processes
Computer Security Incident Response Teams (CSIRTs)
Forensic collection
Notification and reporting
The Digital Forensics Process
Reporting
The Incident Response (IR) Process
Digital Forensics and Incident Response Challenges
Table 2.6: Main challenges of Digital Forensics and Incident Response
Digital Forensics and Incident Response Best Practices
Zero-Trust Security
Table 2.7: Main principles for implementing a zero-trust security model
Analyzing the Web Activity of a Device
Getting Started with DB Browser
Figure 2.23: To view a table
The Uniform Resource Locators (URLs) table
The Keyword_search_terms Table
The Downloads Table
Read the sentences and tick True or False.
Outline the sources of evidence that must be identified when conducting a digital forensics investigation.
Analyze the role of Computer Security Incident Response Teams (CSIRTs) in protecting machine networks.
Describe the steps of a typical DFIR process.
Describe the main challenges associated with Digital Forensics and Incident Response.
In a web browser with large quantities of activity data, analyze the results from the urls table and try to deduce whether there are specific patterns the user follows in their web browsing activi
For the same data as the previous exercises, evaluate the data from the logins table and list the sites where the user has entered their credentials. After that, categorize them as secure and