Question 26

Johnson is an incident handler working on a recent web application attack faced by his organization. As part of this process, he performed data preprocessing in order to analyze and detect the watering hole attack. Johnson preprocessed the outbound network traffic data collected from firewalls and proxy servers. He then started analyzing the user activities within a certain time period to create time-ordered domain sequences to perform further analysis on sequential patterns. Identify the data-preprocessing step performed by Johnson.
  • Question 27

    Chandler is a professional hacker who is targeting an organization called Technote. He wants to obtain important organizational information that is being transmitted between different hierarchies. In the process, he sniffs the data packets transmitted through the network and then analyzes them to gather packet details such as network, ports, protocols, devices, issues in network transmission, and other network specifications.
    Which of the following tools can Chandler employ to perform packet analysis?
  • Question 28

    The person who offers his formal opinion as testimony about a computer crime incident in a court of law is known as:
  • Question 29

    What command does a digital forensic examiner use to display the list of all open ports and the associated IP addresses on a victim computer to identify the established connections on it?
  • Question 30

    Which of the following is a technique used by attackers to make a message difficult to understand through the use of ambiguous language?