Investigation-Situation-Overview

Forensics (or forensic analysis)

Forensics involves examining and analyzing computer systems after a security incident to collect digital evidence. The main objectives are to understand what happened, reconstruct the timeline of events, identify causes, and determine corrective actions.

• Methodology for evidence recovery
• Investigation processes
• Valid legal evidence
• Ethical considerations
• Techniques used by attackers

Statistics

Aspects of Organizational Security

Aspect	Examples
IT security	Application, antivirus, networks
Physical security	Individuals, biometric security
Financial security	Fraud, botnets, phishing
Legal security	National security, copyright