Network Forensics

Readings

1. The documents listed in the links below are examples of Incident Response Plans that, once filled in, could become a viable starting point for your organization.
   1. https://cdt.ca.gov/wp-content/uploads/2017/03/templates_incident_response_plan.doc
   2. http://cdn.ttgtmedia.com/searchDisasterRecovery/downloads/SearchDisasterRecovery_Incident_Response_Plan_Template.doc
   These lab reports are samples. Please use the Forensic Investigative Analysis Report template provided in the Course Documents folder to structure your assignment.
2. Use this guideline from Berkeley Security to assist you in getting started with the Incident Response Plan should an incident occur.
   1. https://security.berkeley.edu/content/incident-response-planning-guideline
3. You already looked at portions of this NIST guide; now use chapters 1–8 to provide guidance as you make your way through the case evidence for relevant reporting points.
   1. Computer Security Incident Handling Guide