top-rated free essay

week 4 lab 2

By SaraAshley2 Feb 10, 2015 381 Words
Assessment Worksheet
Decoding an FTP Protocol Session for Forensic Evidence
Cybercrime Forensics
Course Name and Number: _____________________________________________________ Sara Komisarz
Student Name: ________________________________________________________________ Abena Shaw
Instructor Name: ______________________________________________________________

01/18/2015
Lab Due Date: ________________________________________________________________

Overview
In this lab, you used two very powerful forensic analysis tools, Wireshark and NetWitness Investigator, to examine the same File Transfer Protocol (FTP) traffic capture file, and compare the results of each. FTP is a protocol that is used extensively in business and social communications as means to move files between a host and a client. Just about every time you download something from an Internet site, you are using a version of FTP to manage the process. It the most-frequently used file transfer tool, but it is vulnerable. You explored the protocol capture file to see how FTP’s cleartext transmission can endanger an organization.

Lab Assessment Questions & Answers
1. Which analysis tool used in this lab helps organize the protocol session and interaction for easier protocol analysis and forensic investigating?
Netwitness is a tool that will help.

2. How are protocol capture and analysis linked to digital computer forensic investigations?
It is linked because it helps to monitor traffic and see a user's username, password, IP address and much more to monitor what they have been doing.

3. What is the source IP address of the FTP client workstation and FTP server? client = 172.16.177.132 IP Address of server = 172.16.177.157

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

4. What was the username and password for the successful FTP connection? Username = badguy
Password = you will never guess this !!

5. What is the MAC layer address of the FTP client workstation and FTP server? 172.16.177.132

6. What are the names of the two text files that were transferred to the server using FTP? badnotes1.txt and badnotes2.txt,

7. What is the port number for FTP? What would you recommend for securing FTP through the public Internet?
21

8. What was the total size of the FTP file transfer?
5.71KB

9. What is the directory on the FTP server where the two text files are located? /home/badguy/

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

Cite This Document

Related Documents

  • wk 4 lab 2

    ...1. Unauthorized network probing and port scanning. IP router, firewall and network appliance operation system vulnerability. 2. An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as wh...

    Read More
  • Week 4 Assignment 2

    ...a cheerful and helpful manner while greeting guests and preparing their orders. 2. Demonstrates a complete understanding of menu items and explains them to guests accurately. 3. Uses Point of Sale system/cash register to record the order and compute the amount of the bill. Collects payment from guests and makes change. 4. Performs Cash-In Proced...

    Read More
  • Week 2 Lab 1

    ...Purpose The purpose of this lab is to learn more about how connected you are to the ecosystems and biosphere that you inhabit. You will learn how your everyday choices contribute to the human impacts on our environment you’ve been learning about. Most importantly, you will learn about benefits that you can achieve by joining the increasing ...

    Read More
  • week 4 Lab 90

    ...Question 1 of 8 20.0/ 20.0 Points Using the air temperature, dewpoint and wind field in the images below, how many different airmasses are located in Oklahoma? A.1 B.4 C.3 D.0 E.2 Answer Key: E Feedback: Good job! Question 2 of 8 0.0/ 20.0 Points What are the airmasses present within the images below? A. cT B. mT ...

    Read More
  • NETW204 Week 4 lab

    ...have learned about Subnetting IP Address, Configuring Static Routes and Static Host Table. Section 2 Configuring RIPv1 and RIPv2 on the Same Network - 15 Points Task 3: Step 2 Related Explanation or Response Task 4: Step 2 Related Explanation or Response Task 4: Step 3 Related Explanation or Response Task 5: Step 1 Related Explanation...

    Read More
  • Is 305 Week 4 Lab

    ...Week 4 Lab: Assessment Worksheet Performing a Business Impact Analysis for an IT Infrastructure Overview Answer the following questions, specific to the creation and focus of Business Impact Analysis as well as BCP documentation. Lab Assessment Questions & Answers 1. What is the goal and purpose of a BIA? To ide...

    Read More
  • Week 4 Lab

    ...Week 3 Laboratory Part 1 Lab Part 1: Configure Access Rights to Folder & Files Using Microsoft GPO Manager & Enable Microsoft BSA to Define a Security Baseline Definition Learning Objectives and Outcomes Upon completing this hands-on lab, students will be able to complete the following tasks: Define Active Directory Group Policy Objects...

    Read More
  • Week 2 Lab

    ...Lab 2 – Water Quality and Contamination Experiment 1: Effects of Groundwater Contamination Table 1: Water Observations (Smell, Color, Etc.) Beaker Observations 1 This beaker has water only, clear with no smell 2 I mixed oil in the water, the oil then started to settle at the top of the water. (oil is not a soluble) 3 Beaker contained vin...

    Read More

Discover the Best Free Essays on StudyMode

Conquer writer's block once and for all.

High Quality Essays

Our library contains thousands of carefully selected free research papers and essays.

Popular Topics

No matter the topic you're researching, chances are we have it covered.