IS4670 Unit 10 Lab Q&A

Submitted By lnodal
1. What was the user account name of the FTP client on the FTP server and which was its IP address?

The FTP account name is: Badguy. FTP server’s IP:

2. How many emails did the alleged offender send to his partner before downloading the implicated file? Which are the two email addresses involved?

The alleged offender sent 3 emails before downloading the file. The email addresses involved were: and

3. As a forensics investigator, would you be able to playback an entire TCP session if it is requested under trial?

Yes, NetWitness Investigator allows a forensics investigator to play back an entire TCP session that was previously captured.

4. What time did the alleged offender choose to perform the actions? Why do you think this is particularly important? Where did you get this information from?

After reviewing the entire packet capture, we noticed that the download occurred around 4:00am. This is particularly important since it points directly to “system usage” outside regular hours of operation.

5. What is the name of the “local user” account involved in the alleged actions? Which was the IP address of the alleged offender's workstation?

The local administrator account was the one involved. The IP address of the FTP client was:

6. How many attempts to access the FTP server did you find during the packet capture analysis? Why is this important for your case?

Two attempts to access the FTP server were found. A lower rate of attempts, followed by a successful log on usually means the user has the password for the account. Several attempts could point towards a brute force attack.

7. What was the password of the FTP client account used to perform the alleged actions? How were you able to obtain the password?

“You will never get this!!”. FTP traffic travels in clear text, thus making it easy…...
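An added example, not part of the original lab answers: the Python sketch below rebuilds FTP login attempts from a control-channel transcript, which is how the answers to questions 4, 6 and 7 (time of activity, number of attempts, cleartext password) can be read from a capture. The transcript, the 192.0.2.x addresses, the password, the working hours and the `many` threshold are constructed assumptions; only the account name comes from the answers above.

```python
from datetime import datetime, time

# Constructed transcript: timestamp, source, destination, FTP control line.
# Addresses are from the 192.0.2.0/24 documentation range; passwords are placeholders.
SAMPLE = """\
2011-03-14T03:58:12 192.0.2.10 192.0.2.20 USER Badguy
2011-03-14T03:58:12 192.0.2.20 192.0.2.10 331 Password required for Badguy
2011-03-14T03:58:15 192.0.2.10 192.0.2.20 PASS wrong-guess
2011-03-14T03:58:15 192.0.2.20 192.0.2.10 530 Login incorrect
2011-03-14T03:58:31 192.0.2.10 192.0.2.20 USER Badguy
2011-03-14T03:58:31 192.0.2.20 192.0.2.10 331 Password required for Badguy
2011-03-14T03:58:34 192.0.2.10 192.0.2.20 PASS example password
2011-03-14T03:58:34 192.0.2.20 192.0.2.10 230 User Badguy logged in
2011-03-14T04:00:02 192.0.2.10 192.0.2.20 RETR report.zip
2011-03-14T04:00:02 192.0.2.20 192.0.2.10 150 Opening data connection
"""

def parse_attempts(transcript):
    """Pair each USER/PASS with the server's 230 (success) or 530 (failure) reply."""
    pending = {}    # (client, server) -> credentials seen so far
    attempts = []
    for line in transcript.splitlines():
        if not line.strip():
            continue
        ts, src, dst, payload = line.split(" ", 3)
        verb, _, arg = payload.partition(" ")   # keeps spaces inside a password
        if len(verb) == 3 and verb.isdigit():   # server reply: src is the server
            state = pending.get((dst, src))
            if state and "password" in state and verb in ("230", "530"):
                attempts.append({**state, "client": dst, "server": src,
                                 "time": datetime.fromisoformat(ts),
                                 "success": verb == "230"})
                del pending[(dst, src)]
        elif verb.upper() == "USER":
            pending[(src, dst)] = {"user": arg}
        elif verb.upper() == "PASS" and (src, dst) in pending:
            pending[(src, dst)]["password"] = arg
    return attempts

def summarize(attempts, work_start=time(8, 0), work_end=time(18, 0), many=10):
    """Per client/server/account: attempts, failures before first success, off-hours."""
    summary = {}
    for a in attempts:
        key = (a["client"], a["server"], a["user"])
        s = summary.setdefault(key, {"attempts": 0, "failures_before_success": 0,
                                     "success": False, "off_hours": False})
        s["attempts"] += 1
        if not s["success"]:
            if a["success"]:
                s["success"] = True
                s["off_hours"] = not (work_start <= a["time"].time() < work_end)
            else:
                s["failures_before_success"] += 1
    for s in summary.values():
        if s["failures_before_success"] >= many:    # threshold is an assumption
            s["assessment"] = "many failures: consistent with password guessing"
        elif s["success"]:
            s["assessment"] = "few attempts then success: password likely known"
        else:
            s["assessment"] = "no successful login"
    return summary

if __name__ == "__main__":
    for key, s in summarize(parse_attempts(SAMPLE)).items():
        print(key, s)
```
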
