2018-02-13 - TRAFFIC ANALYSIS EXERCISE - OFFICE WORK

ASSOCIATED FILES:

• Zip archive of the pcap:  2018-02-13-traffic-analysis-exercise.pcap.zip   3.8 MB (3,831,028 bytes)

NOTES:

• All zip archives on this site are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

 

SCENARIO

Do you have an office job?  Are you tired of sitting at your computer all day?  If so, don't get a career in IT network security (buzzword: cyber).  You won't be able to escape the desk!

Shown above:  Office work is even part of job for the Hot Streets team.

 

Where's the scenario in all of this?  Some office person was infected with malware on a work computer.  You must figure out what happened, and you must also determine who it happened to.

 

YOUR TASK

Review the pcap, and document the following:

• Date and time of the malicious activity in UTC (GMT).
• IP address of the affected Windows host.
• Mac address of the affected Windows host.
• Host name of the affected Windows host.
• User account name on the affected Windows host.
• What malware might be involved.

 

ANSWERS

• Click here for the answers.

 

Click here to return to the main page.