Please answer all parts (2 3 lines answer only) for Upvote 1 a) What is Grey Listing b) Why is important to periodically monitor and provide a baseline of the top 5000 domain names being accessed by your organization c) Assume that alter the grep command to search the var log messages file for the IP address of 5 79 11 202 For example What type of network forensic evidence can we discover about IP address 5 79 11 202 from the preceding grep example d) Linux will store DNS network forensic evidence in var log messages file Since Linux stores a lot of evidence, the grep commands is used to filter the message log and will search for www reddit com The following is a sample of one DNS forward lookup Describe and explain the network forensic evidence for each field of this entry using the following table grep 5 79 11 202 var log messages 1457131141 17235911192 168 75 4511192 168 75 111INI Idcs cb philips com I JA115 79 11 2021119101 11

The Answer is in the image, click to view ...

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Sep 25, 2024

Please answer all parts (2-3 lines answer only) for Upvote. 1. a) What is Grey Listing? b) Why is important to periodically monitor and provide

Please answer all parts (2-3 lines answer only) for Upvote.

1. a) What is Grey Listing?

b) Why is important to periodically monitor and provide a baseline of the top 5000 domain names being accessed by your organization?

c) Assume that alter the grep command to search the var/log/messages file for the IP address of 5.79.11.202. For example;

image text in transcribed

What type of network forensic evidence can we discover about IP address 5.79.11.202 from the preceding grep example?

Linux will store DNS network forensic evidence in /var/log/messages file. Since Linux stores a lot of evidence, the grep commands is used to filter the message log and will search for www.reddit.com

The following is a sample of one DNS forward lookup.

image text in transcribed

Describe and explain the network forensic evidence for each field of this entry using the following table

image text in transcribed

# grep 5 . 79. 11. 202 /var/log/messages 1457131141.17235911192.168.75.4511192.168.75.111INI Idcs.cb.philips.com. I JA115.79.11.2021119101 11

Step by Step Solution

There are 3 Steps involved in it

Step: 1

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

Step: 3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Practical Issues In Database Management A Refernce For The Thinking Practitioner

Authors: Fabian Pascal

1st Edition

0201485559, 978-0201485554

More Books

Students also viewed these Databases questions

Question

How do Porters competitive forces model, the value chain model, synergies, core competencies, and network-based strategies help companies use information systems for competitive advantage? Define...

Answered: 1 week ago

Question

★★★★★

Edelman Engineering is considering including two pieces of equipment, a truck and an overhead pulley system, in this year's capital budget. The projects are independent. The cash outlay for the truck...

Answered: 1 week ago

Question

★★★★★

Please answer all parts (2-3 lines answer only) for Upvote. 1. a) What is Grey Listing? b) Why is important to periodically monitor and provide a baseline of the top 5000 domain names being accessed...

Answered: 1 week ago

Question

★★★★★

are pro forma statements projections and not guarantees

Answered: 1 week ago

Question

★★★★★

A 4 kg block is sliding at a constant velocity of 1.5 m/s on a table, due to the pull of a hanging 0.5 kg mass as shown to the right. What is the consistent force of friction (Ff) acting between the...

Answered: 1 week ago

Question

★★★★★

. A manufacturer plans to introduce a new type of shirt based on the following information. The selling price is $35.00; variable cost per unit is $15.00; fixed costs are $8200.00; and capacity per...

Answered: 1 week ago

Question

★★★★★

45. Smelly Perfume Company manufactures and distributes several different products. The company currently uses a plantwide allocation method for allocating overhead at a rate of $7 per direct labor...

Answered: 1 week ago

Question

★★★★★

Knowing that there are many disasters that exceed local resources, but don't rise to the level of federalsupport, how can an emergency manager at a local or state level manage expectations for these...

Answered: 1 week ago

Question

★★★★★

A local University conducted a survey of over 2,000 MBA alumni to explore the issue of work-life balance. Each participant received a score ranging from 0 to 100, with lower scores indicating a...

Answered: 1 week ago

Question

★★★★★

4. You are the HR Director for an insurance company with regional offices in several states. For each office, you want to be sure that the administrative assistants reporting to the regional manager...

Answered: 1 week ago

Question

★★★★★

LO4 Specify why profit sharing and employee stock ownership are popular organizational incentive plans.

Answered: 1 week ago

Question

★★★★★

3. Recently, larger companies have been in the news because of violations of overtime regulations. How should your Human Resources department protect itself from these devastating claims? Brainstorm...

Answered: 1 week ago

Previous Question Next Question