Please answer all short questions for Upvote :) 1. What is Network Forensics 2.
ID: 3902634 • Letter: P
Question
Please answer all short questions for Upvote :)
1. What is Network Forensics
2. The following table lists three popular categories used for network forensic evidence. Describe and list at three or more examples of forensic activities for each category.
Categories for the use of Network Forensic Evidence
Description
Examples of Forensic Activities
Security and compliance
Operational intelligence
Customer insights
3. Hackers have compromised a targeted system and its operating system and network logs. The operating system logs do not provide evidence of this hack event. How can network forensic overcome this challenge? List a second popular tool employed in network forensic evidence.
4. List three or more differences between computer forensic analysis and network forensic analysis.
5. Corporate network surveillance is a computer forensic activity that is very common. In order for an organization to prevent violations of the privacy of employees, the first requirement is to establish the business purpose of monitoring network forensic data. List 5 valid business reasons why a business or other organization may be able to monitor network forensic data.
Categories for the use of Network Forensic Evidence
Description
Examples of Forensic Activities
Security and compliance
Operational intelligence
Customer insights
Explanation / Answer
Answer 1.
Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.
Answer 2.
Security and Compliance-
Description-
It is either a state of being in accordance with established guidelines or specifications, or the process of becoming so , to avoid any security threats.
Operational intelligence
Description
Presents a practical approach to forensics in crime analysis and intelligence,Shows practical techniques applied to real case studies,Demonstrates how all major evidence types recovered from crime scenes are potential intelligence sources
Customer insights
Description
Customer insight is the understanding of your customer, based on their buying behavior, their experiences with you, their beliefs or needs. Customer insights go beyond raw data or research, it is a multi-view of your customers derived from a strategic analysis of qualitative and quantitative data
Answer 3:
By performing a detailed digital forensic Investigation and Malware Investigation as well and by collecting the network forensics evidences like Security and compliance, Operational Intelligence and customer Insights.
Tool: ProDiscover or Encase
Answer 4:
#1.Computer Forensics is the practice of collecting, analyzing, and reporting digital data in a legal way whereas Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.
#2.Computer Forensics is presentation of data held or retrieved from computer storage media whereas network forensic deals with network events and logs as well.
#3.In Computer Forensic investigation is mostly performed with physicals medias/units whereas Network forensic investigation is done with Virtual medium.
Answer 5
#1. To avoid misuse of Employee privileges.
#2.To avoid loss of data and to have continous monitoring of organisation's network.
#3.To avoid any threat related to Organisation's privacy
#4. To avoid Indirect Financial loss
#5.To make oraganisation and accounts linked for bussiness safe from getting vunerable