Network Forensic Investigate and Analyze Network Traffic Project
Description
Instructions
Outline ~ Network Forensics Assignment Requirements
- Project Assignment Actions Taken (provide complete documentation of your actions to complete the Project Assignment)
- Glossary of Terms (include all relevant technical terminology)
- References (APA/MLA format)
Assignment
For this assignment you will document the sources of network-based digital evidence and the various types of forensic evidence recovered using all the show commands listed in Table 1.1 Sources of Network-Based Evidence [Switch] and Table 1.2 Sources of Network-Based Evidence [Router].
Table 1.1 Sources of Network-Based Evidence [SWITCH]
SWITCH
- show mac-address-table
- show history
- show running-configuration
- show hosts
- show ip interface brief
- show spanning tree
- show vlan
- show flash
- show interface fa0
- show users
Table 1.2 Sources of Network-Based Evidence [ROUTER]
ROUTER
- show ip route
- show startup-configuration
- show arp
- show version
- show access-lists
- show ntp
- show cdp neighbors
- show dhcp
- show ip protocols
- show clock
- show logging
- show interface
- show ip route
- show ip cache flow
Proceed with documenting the sources of network-based digital evidence after completing all of the show commands for selected subnets from your network topology (previously created in lab-1). Provide a complete response and/or include screen captures for each of the items listed below:
- Include a screen capture of the completed addressing table in the report
- Include a screen capture of the completed network topology in the report
The Network Forensics Investigative Methodological Framework: digital evidence from the various network sources must be recovered and analyzed so that the results are both reproducible and accurate. The network forensic investigator will therefore employ the methodological framework of Obtain, Strategize, Collect, Analyze, and Report (OSCAR).
- Document sufficient information about the incident and the environment
  - description, date, time, method of incident discovery, systems, data involved, and action taken
  - description of the network topology, and available sources of network evidence
- Accurately assess your resources and plan the investigation
  - servers, end devices, LANs, WANs
  - consider volatile vs. non-volatile
  - create an evidence prioritization table and list the source of evidence, likely value, effort to obtain, expected volatility, and priority
  - prioritize and develop a plan for evidence acquisition based on available resources
- Collect evidence from each source
  - keep a log of all systems accessed and all actions taken during evidence collection
  - record date, time, source, method of acquisition, investigator, and chain of custody
  - capturing packets, copying logs, or forensic images
  - track the source, method of acquisition, and the chain of custody to maintain relevance and reliability
  - actions taken to preserve the integrity of the evidence
  - cryptographically verifiable copies
- Analysis process
  - Document and provide examples for the element of correlation where the data from different sources overlap
  - multiple data sources to build a timeline
  - elements considered as events of interest
  - corroboration through multiple sources of any data that characterizes many sources of network logs
  - repeat until events are understood
  - educated assessments of the meaning of the evidence
- Report
  - document and convey the results
  - understandable by nontechnical laypeople
  - defensible in detail
  - factual
  - detailed summaries and high-level descriptions
- Document and provide examples of when the data sources are complementary and contain evidence not found elsewhere.
- Document the forensic value for each source of network-based digital evidence commonly found in organizations
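The Collect step above asks for a log of every acquisition (date, time, source, method, investigator, chain of custody) and for cryptographically verifiable copies. The following Python sketch is an added example, not part of the assignment text: it records a SHA-256 digest for each captured show-command output and chains the log entries so that later edits to either the copies or the log are detectable. Device names, sample outputs, field names and the hash-chained log design are assumptions made for illustration.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample outputs, keyed by (device, command); not from a real device.
SAMPLE = {
    ("SW1", "show mac-address-table"): b"  10  0011.2233.4455  DYNAMIC  Fa0/1\n",
    ("R1", "show arp"): b"Internet 192.0.2.10 5 0011.2233.4455 ARPA Fa0/0\n",
}
GENESIS = "0" * 64  # prev_hash of the first log entry

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_digest(entry: dict) -> str:
    """Hash every field of a log entry except its own entry_hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def record_evidence(log, source, command, output, investigator, method, when):
    """Append one custody entry for a captured command output."""
    entry = {
        "seq": len(log) + 1, "utc": when.isoformat(),
        "source": source, "command": command, "method": method,
        "investigator": investigator, "sha256": sha256_hex(output),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry

def verify(log, evidence):
    """Return a list of problems; an empty list means log and copies check out."""
    problems, prev = [], GENESIS
    for entry in log:
        if entry["prev_hash"] != prev or entry_digest(entry) != entry["entry_hash"]:
            problems.append(f"log entry {entry['seq']} altered or out of order")
        data = evidence.get((entry["source"], entry["command"]))
        if data is None or sha256_hex(data) != entry["sha256"]:
            problems.append(f"{entry['source']} '{entry['command']}' fails hash check")
        prev = entry["entry_hash"]
    return problems

def build_log(evidence, investigator="Investigator A"):
    log, when = [], datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # constructed time
    for (source, command), output in evidence.items():
        record_evidence(log, source, command, output, investigator, "console capture", when)
    return log
```

Calling `verify(build_log(SAMPLE), SAMPLE)` returns an empty list; changing one byte of a stored output or one field of a log entry makes it return the affected item.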