Perform a host forensic analysis on the specified virtual system that was compromised in the exploit topic of the course. At a minimum, include system logs and file system changes. Respond to the following questions:
What did the attacker do?
What traces did they leave?
Could you use your findings in legal proceeding? Why or Why not?
Keep in mind that you exploited this virtual machine using Metasploit and a well-known vulnerability. Ensure that you understand the evidence that these tools leave behind.
Document the analysis in a 500- to 750-word paper, taking screenshots as you go.
Use industry standard technical writing.
In addition, within the analysis, address the following questions. Refer to the required readings prior to addressing these questions.
How could the "Kill-Chain Methodology" be used to prevent this type of attack in the future?
Would the Diamond Model of Intrusion Analysis influence your analysis?