Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)
TLP - The Digital Forensics Podcast05/28/24 • 46 min
In this 45 minute episode Clint covers a lot of ground based on the Detection phase of NIST 800-61.
Attack vectors for digital security incidents, including insider threats and weaponized USBs.
Cybersecurity incident response and detection, including NIST guidelines and Sysmon logging augmentation
The importance of following temporal linearity in Forensic Investigations, expanding analysis to 5-10 minutes prior to and after events, particularly in Internet History and Memory Dumps
Building a baseline of activity through network pcaps and log analysis
Why synchronised clocks are important?
How detailed notes help in your investigations
05/28/24 • 46 min
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/tlp-the-digital-forensics-podcast-499070/episode-3-nist-sp-800-61-computer-security-incident-handling-guide-det-65954509"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to episode 3 - nist sp 800-61 computer security incident handling guide (detection) on goodpods" style="width: 225px" /> </a>
Copy