There are many digital forensic tools and techniques available to conduct an end-to-end forensic investigation. An end-to-end investigation tracks all elements of an attack, including how the attack began, what intermediate devices were used during the attack, and who was attacked. A typical investigation will involve visual analysis to statically review the contents of any drives, as well as dynamically review logs, artifacts (strategies for handling digital artifacts), and Internet activity from the web history associated with the breached network (web browser forensics).
The investigation concludes when the investigator examines all of the information, he or she correlates all of the events and all of the data from the various sources to get the whole picture, and reports and evidence are prepared in a forensically sound manner.
In this scenario, you know that there has been an attempted/successful intrusion on the network and you have completed the packet capture analysis using Wireshark. Your task is to write a Final Forensic Report that summarizes network forensics and the digital forensic tools and techniques for analyzing network incidents. This report will include your lab report from the previous step and should also be composed of network attack techniques, network attack vectors, and a comprehensive comparison of at least five tools used for analyzing network intrusions. This report will conclude with a recommendation for network administrators to meet the goals of hardening the infrastructure and protecting private data on the network.