2020-07-31 - TRAFFIC ANALYSIS EXERCISE - TECSOLUTIONS

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

ASSOCIATED FILES:

• Zip archive of the pcap:  2020-07-31-traffic-analysis-exercise.pcap.zip   2.5 MB (2,540,933 bytes)

• 2020-07-31-traffic-analysis-exercise.pcap   (3,512,271 bytes)

• Zip archive of the alerts:  2020-07-31-traffic-analysis-exercise-alerts.jpg.zip   1.4 MB (1,443,459 bytes)

• 2020-07-31-traffic-analysis-exercise-alerts.jpg   (1,770,626 bytes)

 

 

SCENARIO

LAN segment data:

• LAN segment range:  10.7.31[.]0/24 (10.7.31[.]0 through 10.7.31[.]255)
• Domain:  tecsolutions[.]info
• Domain controller:  10.7.31[.]7 - Tecsolutions-DC
• LAN segment gateway:  10.7.31[.]1
• LAN segment broadcast address:  10.7.31[.]255

 

TASK

• Write an incident report based on the pcap and the alerts.

 

ANSWERS

• Click here for the answers.

 

Click here to return to the main page.