Which activity investigates cybersecurity incidents through data tracking?

Digital forensics analysis focuses on investigating cybersecurity incidents by collecting and examining data artifacts to reconstruct what happened, when, and how. It involves preserving evidence like logs, file metadata, memory dumps, disk images, and network captures, then analyzing them to trace attacker actions, determine the scope and timeline, and identify root causes and remediation steps. The other options don’t fit because failed login attempts point to authentication events rather than an investigative process; network sniffing (if that’s what is meant) is a data collection technique, not a formal incident investigation; and iris recognition is a biometric authentication method, not an investigative activity.