Digital Investigation HW4

unknownislander

 

In a meeting with the CEO and CTO of an IDS company you have been asked to represent the corporate investigative and incident response team concerning the benefits of using advanced tools, such as IDS/IPS, and forensics tools to be alerted of suspicious network activity and to securely investigate/analyze and audit many machines simultaneously over the LAN/WAN at the disk and memory level. They do not understand the concept of auditing over the network, its security benefit to the organization, and the outcomes. In addition, they would like you to discuss in the meeting if the use of WinDump, Snort and TCPdump tools will provide the corporate security team with needed insight into the network traffic.

The report should include the following: 


  • A title page  
  • An MS Word document containing the following:   
    • A title page with the names of the participating members  
    • An Introduction (Abstract optional) detailing the major points of the discussion and major points  
    • the benefits to the incident response team concerning the use of IDS/IPS  
    • how typical system auditing is done across corporate networks and its benefits  
    • how the use of WinDump, Snort and TCPdump tools will provide the corporate security team with needed insight into the network traffic
    • the use of APA in the main body of the paper to support all technical assertions (e.g., Mahaney, 2010)  
    • a reference list in APA format 

The report should be a minimum of 5–8 pages in length (excluding the title page) and neatly formatted. Sources should be properly cited in APA style. All major bullets should be expanded in the speaker notes of the document. References should be placed in APA in the reference list.

    • 9 years ago