



  • Essay / Security Risk Analysis and Assessment Report - 1101

    All operating system (OS) log files were examined for suspicious activity. The event logs searched were the application, security, configuration, system, and applications and services logs. According to Sunil Gupta (2013), “Windows has the ability to generate a detailed audit record of security events on each system. Windows logs events for both types of security accounts: Computer and User for their connection and authentication” (p. 21). The application log was searched for program and application errors and events. Security logs were checked for device connections and file and folder manipulation. Installation logs were searched for information about the programs installed on the device. System logs provided information about the operation of Windows operating system components. Finally, since all laptops examined ran Windows 7, application and service logs were examined for finer-grained logging of events from individual components.

    Network intrusion poses a threat to information contained on servers and devices residing on the internal network. From inside and outside the network, the Snort port scanner was used to probe the network for unused but open ports, which could potentially become the vector for a network breach. Within the network, this was done to make the evaluation comprehensive. From outside the network, the analysis was done to see the problem from an outsider's perspective. Wireshark, a network sniffer, was used from inside the network to analyze network traffic as it traversed the network. The program captures traffic in real time for analysis. Captured data can be retained for immediate or future analysis. The captured data was verified......

    ...... middle of paper ......

    ......ov/publications/securing-your-web-browser

    Gupta, S. (2013). Forensic analysis of Windows connections. Accessed March 30, 2014, from https://www.sans.org/reading-room/whitepapers/forensics/windows-logon-forensics-34132

    Hadnagy, C. (n.d.). Social engineering (SE) is both incredibly complex and surprisingly simple. Retrieved March 30, 2014, from http://www.social-engineer.org/

    Higgins, K. (2012). Five significant insider attacks in 2012. Retrieved March 30, 2014, from http://www.darkreading.com/vulnerabilities---threats/five-significant-insider-attacks-of-2012/d/d-id/1138865?

    Maras, M. (2012). Computer forensics: cybercriminals, laws and evidence. Sudbury: Jones and Bartlett Learning LLC.

    National Institute of Standards and Technology. (2012). SP800-30 Guide for Conducting Risk Assessments. Accessed March 30, 2014, from http://csrc.nist.gov/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf
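
The Security log review described in the first paragraph, as an added example that is not part of the original essay: it separates computer accounts (names ending in `$`) from user accounts and flags a successful logon (Event ID 4624) that follows a run of failed logons (Event ID 4625). The records are constructed, and the tuple layout, the function names and the threshold of three failures are assumptions made for illustration.

```python
from collections import defaultdict

FAILED, SUCCESS = 4625, 4624  # Windows Security log: failed / successful logon
LOGON_TYPES = {2: "interactive", 3: "network", 10: "remote interactive"}

# Constructed sample records (time, event id, account, logon type, source address).
SAMPLE_EVENTS = [
    ("2014-03-28T08:01:10", 4624, "LAPTOP-07$", 3, "10.0.0.5"),
    ("2014-03-28T08:05:42", 4624, "jsmith", 2, "-"),
    ("2014-03-28T09:00:00", 4625, "jsmith", 2, "-"),
    ("2014-03-28T09:00:20", 4624, "jsmith", 2, "-"),
    ("2014-03-28T22:14:01", 4625, "mlee", 3, "10.0.0.99"),
    ("2014-03-28T22:14:04", 4625, "mlee", 3, "10.0.0.99"),
    ("2014-03-28T22:14:07", 4625, "mlee", 3, "10.0.0.99"),
    ("2014-03-28T22:14:10", 4625, "mlee", 3, "10.0.0.99"),
    ("2014-03-28T22:14:15", 4624, "mlee", 3, "10.0.0.99"),
]


def account_kind(name):
    """Computer accounts end in '$'; anything else is treated as a user account."""
    return "computer" if name.endswith("$") else "user"


def triage(events, threshold=3):
    """Flag accounts whose successful logon follows >= threshold consecutive failures."""
    failures = defaultdict(int)
    findings = []
    # ISO 8601 timestamps sort chronologically as plain strings.
    for time, event_id, account, logon_type, source in sorted(events):
        key = account.lower()
        if event_id == FAILED:
            failures[key] += 1
        elif event_id == SUCCESS:
            if failures[key] >= threshold:
                findings.append({
                    "account": account,
                    "kind": account_kind(account),
                    "failures": failures[key],
                    "logon_type": LOGON_TYPES.get(logon_type, str(logon_type)),
                    "source": source,
                    "time": time,
                })
            failures[key] = 0  # a success resets the failure streak
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```

A single mistyped password followed by a success, as in the `jsmith` records, stays below the threshold and is not reported.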