(forensic science) The study of evidence from attacks on computer systems in order to learn what has occurred, how to prevent it from recurring, and the extent of the damage.

McGraw-Hill Dictionary of Scientific and Technical Terms. Copyright © 2003, 1994, 1989, 1984, 1978, 1976, 1974 by McGraw-Hill Companies, Inc. All rights reserved.