Information security incidents bound to occur in a SecG, there is a requirement to develop a capability to apply digital forensic techniques from a Security Operation Center (in a controlled environment) to examine and analyze the data that have been collected to determine if their systems and networks may have sustained any damage and if sensitive data may have been compromised. Digital forensic techniques provide a platform for purposes, such as CDR, supporting the investigation of crimes and violations of internal policies, analyses of security incidents, reviews of operational problems, and recovery from accidental system damage.
Capabilities In Forensic Domain: