Which term refers to monitoring network traffic to identify security vulnerabilities and diagnose problems, often included in network forensics discussions?

Monitoring network traffic to identify security vulnerabilities and diagnose problems is a practice that falls under network forensics. This field focuses on collecting and analyzing network data—such as packet captures, traffic flows, and logs—to understand what happened on the network, detect weaknesses or misconfigurations, and support incident response. Packet capture is a common method used within this discipline to gather raw packets for detailed inspection, which is why it often appears in related discussions. SSL decryption describes a specific capability to read encrypted traffic, not the broader activity of monitoring and analyzing traffic. Social engineering targets people rather than network traffic, so it doesn’t fit this context. In short, the described activity aligns with network forensics.