Discussion: Network investigation
You are the lead investigator for a major intelligence agency in the Washington, DC area. You are in a security meeting with the network administrators. The meeting concerns a worm that has infected the enterprise network spanning several continents. The network analysts are struggling to find the entry point for this worm. With a network forensics analysis tool (NFAT), the network administrators are performing real-time analysis watching the worm travel across the network.
• You request that the network administrators find out how this worm is traveling across the network.
o Describe how the administrators will find where there has been increased threat activity.
o Describe how the administrators will find where there is increased activity either in the network ports or e-mail servers.
o Describe how time stamps will play a role in backtracking in time until the point of entry for the worm is located watching the worm travel across the network.
The paper should be 3-5 pages written in Word and should provide descriptions for the 3 bullets above, containing a title page, introduction, main body, conclusion, and reference list in APA format.