Post 7: Network Forensics Investigation Methodology (TAARA)

January 8, 2019 at | In Network Forensics | No Comments

Continuing from the previous post, there is another network investigation methodology that I am going to discuss, which is the TAARA methodology.

TAARA methodology consists of:

  1. Trigger
  2. Acquire
  3. Analysis
  4. Report
  5. Action

Trigger

This process is the start of the incident that will lead the investigators to start investigating the incident.

Acquire

After the incident has been triggered in the previous process, investigators need to get the information relating to the incident being triggered, the reasons to suspect the incident and getting the evidences for further investigation.

Analysis

After getting all the evidences in the previous step, the collected evidences will be collected and arranged, and analyzed. The timeline of the events will also be arranged in this step.

Report

In this step, the report of the finding is produced and presented to the stakeholders. Investigators can also give suggestions to the stakeholders, so that the stakeholders can know what actions they need to take next.

Action

The suggestions suggested by investigators will take action in this step.

No Comments yet »

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds. Valid XHTML and CSS. ^Top^