Imagine you are testifying in court about anomalous activity on the network. The attorney asks you how the Internet traffic indicated unusual activity and how you knew it was unusual. Explain how you would answer this question on the stand using two specific examples, and discuss how these examples would convince the attorney that your reasoning for judging the Internet traffic unusual was valid.

