CMIT 460 CMIT460 LAB 2 ANSWERS - UMUC
https://studentoffortunefix.com/collections/papers/products/cmit-460-cmit460-lab-2-answers-umuc
UMUC CMIT 460 Lab 2 Answers
1. What was the initial method used to conduct reconnaissance?
2. At what time did an intrusion attempt take place?
3. What attacker tools were used during the intrusion?
4. Is there any evidence of timestomping for files that were placed on the victim system? If so, what are the names and locations of the files?
5. Is there network traffic correlating to malicious activity that is unreadable (encrypted)? How do the log files assist in determining the type of activity taking place?
6. Were any users added to the victim system? If so, list the users and correlate the network packets of this activity by listing the beginning packet number.
7. Are there malicious processes in RAM that correlate to network or log activity?
8. What are potential concerns regarding timestamps in the log files and on the surrounding network?
9. Is there any danger in relying on system logs for the correlation of intrusion-based events?