Computer Hacking Forensic Investigator (CHFI v10) — Question 403

During a recent network intrusion investigation, a CHFI received logs from Juniper IDS, Check Point IPS, and a Kippo Honeypot. Which log provides information about the network traffic and bandwidth adjustment, aiding in business risk valuation?

Answer options

• A. Kippo Honeypot
• B. Juniper IDS
• C. None of the above
• D. Check Point IPS

Correct answer: D

Explanation

The Check Point IPS log is designed to provide detailed information about network traffic and can assist in bandwidth management, which is vital for evaluating business risks. In contrast, the Kippo Honeypot primarily captures interaction data with attackers, while the Juniper IDS focuses more on detecting intrusions rather than managing traffic. Therefore, the correct log for this purpose is the Check Point IPS.