History
Internet/Wireless
Law Enforcement
Systems
Network Forensics
100
Steve Jobs and Steve Wozniak were involved in this early form of hacking.
What is Phreaking?
100
Network forensics is becoming more widely known because this is growing rapidly.
What is the Internet?
100
The main goal of Law Enforcement in Network Forensics.
What is collecting evidence?
100
A monitoring tool used in Network Forensics on Ethernet.
What is a Sniffer?
100
Improving network performance is one reason for this.
What is Network Forensics?
200
This organization was founded in response to the government violating the rights of a small game company.
What is EFF?
200
Wireless forensics is a sub-discipline of this.
What is network forensics?
200
Two tasks of law enforcement are searching for keywords and parsing human communications, and this.
What is reassembling transferred files?
200
One concern associated with the Catch-it-as-you-can System.
What is privacy?
200
An attack that uses multiple attempts at intrusion until it succeeds.
What is Brute Force?
300
This worm infected 10% of the Internet by infecting UNIX systems.
What is the Morris Worm?
300
This is a wireless access point that has been installed on a network without authorization.
What is a Rogue Access Point?
300
This is a common type of network for law enforcement of network forensics.
What is a peer-to-peer network?
300
A system where packets are analyzed in memory and only certain information is saved.
What is Stop, Look, and Listen?
300
This scam has caused hundreds of millions in losses and shows the problem with jurisdiction.
What is the Nigerian Scam?
400
The Love Bug and the Nigerian scam demonstrate this network forensics law enforcement problem.
What is Jurisdiction?
400
This has been developed to monitor and secure wireless networks by identifying rogue wireless networks and devices, detecting intruders and impending threats, and enforcing wireless network security policies (Hint: WIPS).
What are Wireless Intrusion Protection Systems?
400
This is a common way for a corporation to use law enforcement when traffic that violates the law is discovered.
What is a corporate incident response team?
400
A system involving brute force where all the packets are captured and analyzed later.
What is Catch-it-as-you-can?
400
Found during the discovery process, these are examined when you analyze the data.
What are Patterns or Anomalies?
500
A German hacker working for the KGB was discovered over this type of error.
What is an accounting error?
500
This company is believed responsible for the recent DDoS attack that used open DNS servers and slowed much of the Internet in Europe.
What is Cyberbunker or Stophaus?
500
A method for law enforcement, commonly known as a network traffic dump.
What is acquiring data in transit?
500
Network Forensics Products are sometimes referred to as this (Hint: NFATs).
What are Network Forensic Analysis Tools?
500
The four main capabilities of Network Forensics.
What are Capturing, Recording, Discovering, and Analyzing Data?