DFE Module 08 – Network Forensics

Across
  5. Intercepting unsecured connections to steal personal information
  11. Command-line packet sniffer used to capture and analyze network packets
  12. Flooding a target with traffic to deny service to legitimate users
  13. Logs containing details about network connectivity and routing
  16. Decoy system designed to lure and study attacker behavior
  18. Capturing network traffic to obtain sensitive information
  22. Records of allowed or denied network traffic for security monitoring
  23. Contain assigned IP addresses and timestamps for network devices
  24. Capturing, recording, and analyzing network events to discover the source of security incidents
  25. Taking over an active user session to gain unauthorized access
Down
  1. GUI tool used to capture and analyze live or recorded network traffic
  2. Faking an IP address to appear as a trusted host
  3. Suspicious network communication caused by infected systems
  4. Records generated by intrusion detection systems to identify anomalies
  6. Analysis performed during an ongoing attack to respond quickly
  7. Intercepting and relaying messages between two parties
  8. Mapping attacker’s MAC address to victim’s IP address to intercept traffic
  9. Relating multiple events to identify patterns or root causes
  10. Digital forensic artifact indicating a potential security breach
  14. Unauthorized wireless access point set up to steal data
  15. Attempt to gain FTP credentials by repeated login failures
  17. Analysis of logs after an incident has already occurred
  19. Attack that overwhelms a server with half-open TCP connections
  20. Converting data from different log formats into a common format
  21. Wireshark feature that allows filtering of captured packets for analysis