Digital Forensics: Network Forensics and Computer Networking Foundations

This FACT-style mock covers the network forensics and computer-networking foundations that every digital-forensics student is expected to control before stepping into a packet capture. The thirty questions sweep across analog and digital signalling, baseband and broadband transmission, classical network topologies including star, bus, ring and mesh, and the geographical taxonomy of LAN, MAN and WAN networks. From there the paper moves into the OSI seven-layer model and the TCP/IP four-layer stack, the canonical PDU vocabulary of frames, packets, segments and datagrams, the difference between TCP and UDP, the TCP three-way handshake, and the well-known port numbers an investigator quotes from memory: 22 for SSH, 25 for SMTP, 53 for DNS, 80 for HTTP, 443 for HTTPS. The IP-addressing block covers classful IPv4 ranges, RFC 1918 private space, loopback and APIPA, CIDR prefix-to-mask conversion, subnet sizing with the /27 worked example, and supernetting for BGP route aggregation. The hardware and switching block separates hub from switch from router, fixes MAC-address structure with the OUI in the first 24 bits, places ARP at Layer 2, and pins the 802.1Q VLAN ID at 12 bits.\n\nThe paper is calibrated for FACT entrance preparation and is equally useful for MSc Digital Forensics, NFSU MSc entrance candidates, UGC-NET Forensic Science Paper II networking sections, and self-study readers using Tanenbaum, Forouzan, Stallings, and Kurose-Ross as their primary texts.\n\nTopics covered:\n- Analog vs digital signalling, baseband vs broadband, digital modulation families\n- Topologies (star, bus, ring, mesh) and network types (LAN, MAN, WAN)\n- OSI seven layers and TCP/IP four-layer stack with PDU vocabulary\n- TCP vs UDP, the three-way handshake, well-known port numbers\n- IPv4 classful ranges, RFC 1918 private space, loopback and APIPA\n- CIDR notation, /24 mask, /27 host arithmetic, supernetting and BGP aggregation\n- Hub, switch, router; MAC address structure; ARP; 802.1Q VLAN tagging; store-and-forward\n- Routing protocol families (OSPF, RIP, BGP), ICMP traceroute, Wi-Fi 4/5/6, WEP/WPA/WPA2/WPA3, bandwidth vs latency vs jitter\n\nUse this as a baseline check on the networking foundation that every subsequent network-forensics paper assumes. Allow 30 minutes.