Cybersecurity - Digital Forensics
In a forensic investigation, you need to identify the source of a network attack using logs. Which combined approach is best?
In a forensic investigation, you need to identify the source of a network attack using logs. Which combined approach is best?
hard🚀 Application Q9 of 15
Step-by-Step Solution
Solution:
Step 1: Understand the need for multiple data sources
Firewall logs show network traffic, system logs show host activity, and geolocation helps locate IP origins.Step 2: Combine logs for comprehensive analysis
Correlating these sources provides a clearer picture of the attack source and path.Final Answer:
Correlate firewall logs with system logs and IP address geolocation -> Option DQuick Check:
Best source ID = Correlate multiple logs + geolocation [OK]
Quick Trick: Combine logs and geolocation for attack source tracing [OK]
Common Mistakes:
MISTAKES- Relying on a single log source
- Ignoring network data in investigations
Master "Digital Forensics" in Cybersecurity
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore Cybersecurity Quizzes