Tools for Monitoring Changes to Files and Memory
Learning Objectives and Outcomes
- Examine a network and server monitoring solution in detail.
- Identify the solution’s capabilities and benefits.
You are a digital forensics intern at Azorian Computer Forensics, a privately owned forensics investigations and data recovery firm in the Denver, Colorado area. An enterprise client’s network was recently attacked. Azorian was asked to determine the source of the attack and to suggest a solution for hardening the network, servers, and devices to prevent future attacks. It’s important that the solution can detect changes to files and memory, which might indicate an attack, and allow files or memory to be checkpointed and restored to a preattack condition, if necessary.
Your manager needs your help researching various enterprise monitoring tools and has asked you to gather information about Tripwire and CimTrak. For this assignment, use the Internet to research Tripwire and CimTrak and answer the following questions:
- What are three main features of Tripwire and CimTrak?
- How do they detect external attacks?
- Which operating systems do they support?
- What are three business benefits of Tripwire and CimTrak?
Write a professional report that uses appropriate headings to organize information, and use bullet points to clearly delineate the most important information.