There are many digital forensic tools and techniques available to conduct an end-to-end forensic investigation. An end-to-end investigation tracks all elements of an attack, including how the attack began, what intermediate devices were used during the attack, and who was attacked. A typical investigation will involve statically reviewing the contents of any drives, as well as dynamically reviewing logs, artifacts, and internet activity from the web history associated with the breached network.
The investigation concludes when the investigator has examined all of the information, correlated all of the events and all of the data from the various sources to get the whole picture, and prepared reports and evidence in a forensically sound manner.
In this scenario, you know that there has been an attempted/successful intrusion on the network, and you have completed the packet capture analysis using Wireshark. Your task is to write a Final Forensic Report that summarizes network forensics and the digital forensic tools and techniques for analyzing network incidents. This report will include your lab report from the previous step and should also cover network attack techniques, network attack vectors, and a comprehensive comparison of at least five tools used for analyzing network intrusions. This report will conclude with a recommendation for network administrators to meet the goals of hardening the infrastructure and protecting private data on the network.
Submit the Final Forensic Report for review and feedback.
Submit your assignment to your instructor for review and feedback.