Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guide to Integrating Forensic Techniques into Incident Response

Published

Author(s)

Timothy Grance, Suzanne Chevalier, Karen Kent Scarfone, Hung Dang

Abstract

This publication is intended to help organizations in investigating computer security incidents and troubleshooting some information technology (IT) operational problems by providing practical guidance on performing computer and network forensics. The guide presents forensics from an IT view, not a law enforcement view. Specifically, the publication describes the processes for performing effective forensics activities and provides advice regarding different data sources, including files, operating systems (OS), network traffic, and applications. The publication is not to be used as an all-inclusive step-by-step guide for executing a digital forensic investigation or construed as legal advice. Its purpose is to inform readers of various technologies and potential ways of using them in performing incident response or troubleshooting activities. Readers are advised to apply the recommended practices only after consulting with management and legal counsel for compliance concerning laws and regulations (i.e., local, state, Federal, and international) that pertain to their situation.
Citation
Special Publication (NIST SP) - 800-86
Report Number
800-86

Keywords

FISMA, Forensics, Incident Response

Citation

Grance, T. , Chevalier, S. , Kent, K. and Dang, H. (2006), Guide to Integrating Forensic Techniques into Incident Response, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=50875 (Accessed May 9, 2021)
Created September 1, 2006, Updated February 19, 2017