top-rated free essay

week 4 lab 2

By SaraAshley2 Feb 10, 2015 381 Words
Assessment Worksheet
Decoding an FTP Protocol Session for Forensic Evidence
Cybercrime Forensics
Course Name and Number: _____________________________________________________ Sara Komisarz
Student Name: ________________________________________________________________ Abena Shaw
Instructor Name: ______________________________________________________________

01/18/2015
Lab Due Date: ________________________________________________________________

Overview
In this lab, you used two very powerful forensic analysis tools, Wireshark and NetWitness Investigator, to examine the same File Transfer Protocol (FTP) traffic capture file, and compare the results of each. FTP is a protocol that is used extensively in business and social communications as means to move files between a host and a client. Just about every time you download something from an Internet site, you are using a version of FTP to manage the process. It the most-frequently used file transfer tool, but it is vulnerable. You explored the protocol capture file to see how FTP’s cleartext transmission can endanger an organization.

Lab Assessment Questions & Answers
1. Which analysis tool used in this lab helps organize the protocol session and interaction for easier protocol analysis and forensic investigating?
Netwitness is a tool that will help.

2. How are protocol capture and analysis linked to digital computer forensic investigations?
It is linked because it helps to monitor traffic and see a user's username, password, IP address and much more to monitor what they have been doing.

3. What is the source IP address of the FTP client workstation and FTP server? client = 172.16.177.132 IP Address of server = 172.16.177.157

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

4. What was the username and password for the successful FTP connection? Username = badguy
Password = you will never guess this !!

5. What is the MAC layer address of the FTP client workstation and FTP server? 172.16.177.132

6. What are the names of the two text files that were transferred to the server using FTP? badnotes1.txt and badnotes2.txt,

7. What is the port number for FTP? What would you recommend for securing FTP through the public Internet?
21

8. What was the total size of the FTP file transfer?
5.71KB

9. What is the directory on the FTP server where the two text files are located? /home/badguy/

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

Cite This Document

Related Documents

  • wk 4 lab 2

    ...1. Unauthorized network probing and port scanning. IP router, firewall and network appliance operation system vulnerability. 2. An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as wh...

    Read More
  • Dq 1 and 2 Week 4

    ...personnel need to have access to these resources. Another important part of the physical layer would be the actual data storage and recovery. It is important to have a source for information backup kept offsite, in the case of an environmental disaster on location. The next layer, the data-link layer, exposes a vulnerability in the exposure of d...

    Read More
  • Week 4 Lab

    ...1 What is the goal and purpose of a BIA? To identify the impact of outages. More specifically, the goal is to identify the critical functions that can affect the organization. 2 Why is a business impact analysis (BIA) an important first step in defining a business continuity plan (BCP)? The first step towards creating a serious BCP i...

    Read More
  • Is 305 Week 4 Lab

    ...Week 4 Lab: Assessment Worksheet Performing a Business Impact Analysis for an IT Infrastructure Overview Answer the following questions, specific to the creation and focus of Business Impact Analysis as well as BCP documentation. Lab Assessment Questions & Answers 1. What is the goal and purpose of a BIA? To ide...

    Read More
  • week 4 Lab 90

    ...Question 1 of 8 20.0/ 20.0 Points Using the air temperature, dewpoint and wind field in the images below, how many different airmasses are located in Oklahoma? A.1 B.4 C.3 D.0 E.2 Answer Key: E Feedback: Good job! Question 2 of 8 0.0/ 20.0 Points What are the airmasses present within the images below? A. cT B. mT ...

    Read More
  • NETW204 Week 4 lab

    ...have learned about Subnetting IP Address, Configuring Static Routes and Static Host Table. Section 2 Configuring RIPv1 and RIPv2 on the Same Network - 15 Points Task 3: Step 2 Related Explanation or Response Task 4: Step 2 Related Explanation or Response Task 4: Step 3 Related Explanation or Response Task 5: Step 1 Related Explanation...

    Read More
  • Week 4 Assignment 2

    ...a cheerful and helpful manner while greeting guests and preparing their orders. 2. Demonstrates a complete understanding of menu items and explains them to guests accurately. 3. Uses Point of Sale system/cash register to record the order and compute the amount of the bill. Collects payment from guests and makes change. 4. Performs Cash-In Proced...

    Read More
  • statistics week 2 lab

    ...Statistics – Lab Week 2 Name: Math221 Creating Graphs 1. Create a Pie Chart for the variable Car - 2. Create a histogram for the variable Height – 3. Create a stem and leaf chart for the variable Money – Stem-and-Leaf Display: Money Stem-and-leaf of Money N = 20 Lea...

    Read More

Discover the Best Free Essays on StudyMode

Conquer writer's block once and for all.

High Quality Essays

Our library contains thousands of carefully selected free research papers and essays.

Popular Topics

No matter the topic you're researching, chances are we have it covered.