Please answer all questions for Thumbs Up 1. Assume that a network forensic inve
ID: 3903229 • Letter: P
Question
Please answer all questions for Thumbs Up
1. Assume that a network forensic investigator collects TCP/IP packet headers transmitted from outside the organization's network to into the organization's network from non-employees. Explain the reasons why a search warrant may or may not be required?
2. Assume that a network forensic investigator collects TCP/IP packet bodies transmitted from outside the organization's network to into the organization's network from non-employees. Explain the reasons why a search warrant may or may not be required?
3. The reliability of TCP/IP packet header forensic data may be questioned because of spoofing attacks that may falsify the MAC or IP address. What other computer or network forensic data may be used to authenticate a MAC or IP address?
4. Explain the concept of Admissibility of Evidence
5.
TCP/IP is called the Internet Protocol Suite because it represents a collection of network protocols that is used to transmit data across the Internet between one application and another application, e.g., your Internet Browser communicating with a web server. Complete the following table is a reasonable amount of detail.
TCP/IP Layers
Detailed List of Functions
List of Relevant Protocols Summer 2018
Relationship to OSI Model Layer
Application Layer
Provides an Interface between Applications and network communication, e.g., TCP/IP
HTTP, SMTP, more…
Transportation Layer
Network Layer
Interlink (or Link) Layer
TCP/IP Layers
Detailed List of Functions
List of Relevant Protocols Summer 2018
Relationship to OSI Model Layer
Application Layer
Provides an Interface between Applications and network communication, e.g., TCP/IP
HTTP, SMTP, more…
Transportation Layer
Network Layer
Interlink (or Link) Layer
Explanation / Answer
Please Note: As per Chegg Answering Guidelines, I have answered the first question. Please Post Separate for Separate Questions.
1. Assume that a network forensic investigator collects TCP/IP packet headers transmitted from outside the organization's network to into the organization's network from non-employees. Explain the reasons why a search warrant may or may not be required?
Answer)
A search warrant for collecting the TCP/IP packet headers transmitted from outside the organization's network to into the organization's network from non-employees will not be required as the data or the traffic is flowing into the organization from the Internet and the network forensic investigator analyzes the traffic and the packets for threats to the organizational network. Thus, it will not require a warrant to go through those packets and TCP/IP packet headers and thus if transmitted in the network of the organization from outside, it would not be a unlawful event and a search warrant will not be required as the organization will just be defending itself from the harmful internet attacks.