2015-03-03 - TRAFFIC ANALYSIS EXERCISE
PCAP:
- ZIP archive with PCAP of the traffic: 2015-03-03-traffic-analysis-exercise.pcap.zip
NOTE: ZIP files are password-protected with the standard password. If you don't know it, look at the "about" page of this website.
SCENARIO
Time for another shift at your organization's Security Operations Center (SOC). You review some EmergingThreats alerts for the Angler exploit kit on a host within your network.
You review the pcap and document the following:
- Date and time of the activity
- IP address of the associated desktop (or laptop) computer
- Host name of the associated desktop (or laptop) computer
- MAC address of the associated desktop (or laptop) computer
- Brief summary of the activity
FIRST BREAK POINT
- Document the above 5 items.