In Incident response data by collecting the state of the machine which includes the date, time, open ports, IP address configuration, network connection state, the list of tasks running on the machine, information about logged users, and list of users on the system into an incident response report. After you do this initial work, you will review the logs to determine successful login events. You determine from the review of the logs that you have been hacked through a forensics investigation.
Comments