My course is Advanced IS security.
1. Consider an ARP poisoning attack. What information would you expect to be collected in an auditing tool? What purpose would that information serve? What would that information tell you about your network health?
2. Explain the purpose and relevance of rogue access points and evil twin access points. How can a network administrator detect their occurrence using an auditing tool?