What form of discovery involves mapping out devices in an infrastructure after a data breach?

Network discovery is the correct answer because it focuses on identifying and mapping out devices connected to a network. This process is crucial following a data breach, as it helps security analysts understand the entire landscape of devices that may have been compromised or are vulnerable. By using network discovery techniques, such as scanning IP addresses and identifying network services running on those devices, analysts can create a comprehensive view of the network and locate any potential security weaknesses or unauthorized access points.

Mapping out the infrastructure is essential for ensuring that all devices are accounted for and can be appropriately secured or investigated as part of the breach response. This process enables organizations to assess the scope of the breach, implement containment strategies, and strengthen defenses to prevent future incidents.

Other forms of discovery, while related, serve different purposes. For example, host discovery focuses specifically on identifying individual hosts or servers, and edge discovery pertains to identifying devices at the perimeter of the network. Passive discovery, on the other hand, monitors network traffic to gather information without actively scanning, which may not provide the immediate clarity necessary for responding to a breach. Therefore, network discovery is the most relevant approach in this context.