2018-02-13 - TRAFFIC ANALYSIS EXERCISE - OFFICE WORK

ASSOCIATED FILES:

• Zip archive of the pcap:  2018-02-13-traffic-analysis-exercise.pcap.zip   3.8 MB (3,831,028 bytes)

 

SCENARIO

Do you have an office job?  Are you tired of sitting at your computer all day?  If so, don't get a career in IT network security (buzzword: cyber).  You won't be able to escape the desk!

Shown above:  Office work is even part of job for the Hot Streets team.

 

Where's the scenario in all of this?  Some office person was infected with malware on a work computer.  You must figure out what happened, and you must also determine who it happened to.

 

YOUR TASK

Review the pcap, and document the following:

• Date and time of the malicious activity in UTC (GMT).
• IP address of the affected Windows host.
• Mac address of the affected Windows host.
• Host name of the affected Windows host.
• User account name on the affected Windows host.
• What malware might be involved.

 

ANSWERS

• Click here for the answers.

 

Click here to return to the main page.