Monitoring Outputs - The primary response includes all three parts Part 1: What technology or technologies could you use to log internet endpoints and bandwidth consumption between clients and servers on a local network? What would you do if you did not have the resources to capture and store all network packets? Part 2: You are investigating a data exfiltration event and have obtained the web server logs of the host that data was exported to over the Internet from the hosting provider. The logs contain only the external IP address of your company's router/firewall and a high-level TCP port number. How can you use the log to identify the local host on your network that was used to perform the exfiltration? Part 3: Go to the Search bar at the left bottom corner of your computer. Type in Event Viewer (Local). Click on the app provided in the search. Open the Event Viewer and expand the Windows Logs section. Review the application and Security event logs. What do you notice? Share in the discussion post what you located and why it is important to review those specific logs on a regular basis..