Question: 1) Open the provided capture file using any SimSpace tools you see fit. As a minimum use Network Miner on any kali-Hunt VM and SNORT

1) Open the provided capture file using any SimSpace tools you see fit. As a minimum use Network Miner on any kali-Hunt VM and SNORT on any Win-Hunt VM.

2) Perform an analysis on the captured traffic. Some things you should consider are the following (not all of these happened and may not be all inclusive either): a. How long did the session capture last? b. How many packets were captured? c. How many bytes were captured? d. What protocols were observed? e. When did the bulk of the data get transmitted? f. What caused this transmission spike? g. Were any Internet Service Provider sites were accessed? If so which ones? What accounts? h. What is the name of the host computer? Its IP address? i. What Operating system is it using? j. What does the local network look like? k. What device names are on the local network? l. Did I access any other computers on the local area network? m. Are any other devices on the network?

3) What story does the capture file tell?

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

I believe my home network has had a significant event ( s ) . I only use my network for internet access so I can access my Internet Service Provider ( ISP ) to read email. I am not sure whether this...

1 ) Open the provided capture file using any SimSpace tools you see fit. Use Network Miner and Wireshark on any Win - Hunt VM and SNORT on any Win - Hunt VM . 2 ) Perform an analysis on the captured...

Open the provided capture file using any SimSpace tools you see fit. Use Network Miner and Wireshark on any Win - Hunt VM and SNORT on any Win - Hunt VM . Perform an analysis on the captured traffic....

70-742 Identity with Windows Server 2016 LAB 4 CONFIGURING SERVICE AUTHENTICATION AND ACCOUNT POLICIES THIS LAB CONTAINS THE FOLLOWING EXERCISES AND ACTIVITIES: Exercise 4.1 Configuring Kerberos...

PLEASE ANWSER ALL 16 QUESTIONS Open a terminal window by right-clicking on your VMs desktop and select Open Terminal. 3. Start wireshark. Do this by issuing the command sudo wireshark in your...

PART I 1. Start your INF 284 Ubuntu VM and log in as student. The password is cit247. 2. Open a terminal window by right-clicking on your VMs desktop and select Open Terminal. 3. Start wireshark. Do...

Given code: utils.c (for reference DON'T Modify), utils.h (DON't Modify) and main_template.c (Write Code HERE) --> UTILS.C [DO NOT MODIFY] pasting image cause Chegg character limit >:( --> UTILS.h...

Jones & Bartlett Learning, LLC. NOT FOR RESALE OR DISTRIBUTION CHAPTER Hot Spot Analysis 10 LEARNING OBJECTIVES C A R R Provide a working definition of a \"hot spot.\" , Be able to explain different...

Objectives: To learn about wireless network penetration testing (pen-testing), with authorization, using open source hacking/pen-testing tools running on a Linux platform (e.g., Kali Linux), and ....

Lab 1 Objective To acquaint you with the Intrusion Detection Tools through an interactive session on the virtual machines that were presented in class, Mandiant Flare, and Kali Linux environment. You...

Exercise . Create three arrays as defined below that contains the information based on cars: carName = {"Ford", "BMW", "Mercedes", "Chevrolet"} %3D carCountry = {"American", "German", "German",...

Some 20 million Americans visit chiropractors annually, and the number of practitioners in the United States is 55,000, nearly double the number two decades ago, according to the American...

Which of the following is a true statement about activity-based customer costing? a. Customer diversity requires multiple drivers to trace costs accurately to customers. b. Customers consume...

Compared with half a century ago, adoption has become _ _ _ _ _ _ _ _ _ common, but it is more open and acceptabl e , so we probably discuss it _ _ _ _ _ _ _ . fill in the blanks more or much less or...

Question What is the tax credit for employer-provided child care facilities?

Question Can an employer recover excess assets in a VEBA when it terminates after paying out all benefits due to participants?

Question How is a term loan to an executive treated for tax purposes?