Hands-On Network Forensics

Technical Concepts and Acquiring Evidence

In the previous chapter, we learned about the various types of evidence sources. In this chapter, we will look at those sources in detail. We will familiarize ourselves with the basics of different log formats and look at the key technical concepts required to conduct a network forensics exercise successfully.

We will cover the following topics in this chapter:

  • Inter-networking refresher
  • Exposure to various types of logs
  • Case studies on logs and packet structures

So, let's get started with the basics of inter-networking and understand how communications take place with respect to the OSI networking model.