Posted: March 11th, 2023
APA 7
no word minimum BUT answer questions thoroughly!!
no plagiarism
USE REFERENCES PROVIDED!!!
Both discussions due 2/25
Imagine you are testifying in court about anomalous activity on the network. The attorney asks you how the Internet traffic indicated unusual activity and how you knew this was unusual. Explain how you would answer this question on the stand using two specific examples, and discuss how these examples would convince the attorney that your reasoning for judging the Internet traffic unusual was valid.
References
Meghanathan, N., Allam, S.R., & Moore, L.A. (2009). Tools and techniques for network forensics. International Journal of Network Security & Its Applications, 1(1), 14-25.
Jones, A.K., & Sielken, R.S. (2000). Computer system intrusion detection: A survey.
Bromiley, M. (2016). Keys to effective anomaly detection. SANS Institute.
Wadner, K. (2015). A network analysis of a web server compromise. SANS Institute.
Explain and list the major elements and importance of items that should be contained within a Digital Evidence report. Why is it important to disclose the disposition of the items analyzed in the report, and how can that be challenged (retrieval, storage, etc.)?
References
Knowles, B. (2015). DFIR analysis and reporting improvements with scientific notebook software. SANS Institute.
Digital Evidence Forensic Report Template.
Scientific Working Group on Digital Evidence (SWGDE). (2020). SWGDE practical considerations for submission and presentation of multimedia evidence in court, Version 1.0.
Scientific Working Group on Digital Evidence (SWGDE). (2018). SWGDE requirements for report writing in digital and multimedia forensics.