2015-03-03 - TRAFFIC ANALYSIS EXERCISE

PCAP:

NOTE: ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

 

SCENARIO

Time for another shift at your organization's Security Operations Center (SOC). You review some EmergingThreats alerts for the Angler exploit kit on a host within your network.

You review the pcap and document the following:

  1. Date and time of the activity
  2. IP address of the associated desktop (or laptop) computer
  3. Host name of the associated desktop (or laptop) computer
  4. MAC address of the associated desktop (or laptop) computer
  5. Brief summary of the activity

 

FIRST BREAK POINT

 
