This chapter focused on building our understanding of malware, what it is, how it works, what is the kind of damage it can do is, as well as how to go about identifying it. You learned about the IOC and understood how to about identifying compromised systems and networks. You also learned about the process of malware forensics and the different steps that we follow in the investigation along with their relevance.

Moving forward in our journey of understanding network forensics, we will look at how to put our knowledge that we gained so far to good use and work together to solve the case in the next chapter.