PART 2 TASK 4 Filtering, Inspecting, and Analyzing Packet Capture with Wireshark Think of the fact that a DoS attack tries to make a web resource unavailable to legitimate users by flooding the target URL host with more requests to overwhelm the server What can you infer from the statistical information in the Destination and Ports window as far as a DoS attack is concerned Cybercriminals can illegitimately use DoS attacks to extort money from companies They may also use ransomware vis social engineering Determine if this is a Distributed Denial of Service (DDoS) or DoS attack hint a DDoS attack originates from multiples sources almost simultaneously What is your point of view of the Rate and Percent columns of the Statistics output with respect to the Count column Does this information indicate any possibility of a compromise If so, why Besides the DDoS attack, do you see any indication of any attack such as brute force, SQL injections attack upon analyzing the web traffic Why or why not How is this indication different from the Statistics information retrieved earlier and from the perspective of this attack What legitimate or illegitimate role does the host user with the 192 168 10 111 IP address play in the suspected attack If malicious actors got into your network to access your network security logs, how could they use the packet details to their advantage Specifically, what utilities within Wireshark can you count on From the details of the packet details pane above, why do you think there are several ICMP destination ports unreachable Does this suggest an indication of an attack Please comment on your observations PART 2TASK 5, 6 Scanning Multiple Hosts and Networks with Zenmap What is your opinion about the results and the security implications of the output of this tab Comment on the data of interest in your findings such as host status and ports used How many ports are reported by the scans, and how more so many are open ports What is one most impactful security vulnerability in your opinion Recommend a good mitigation strategy to address any vulnerabilities identified What can you say about the results when scanning multiple hosts and or a subnet compared with the individual host scans Recommend a good mitigation strategy to address any vulnerabilities identified In your opinion, why are some hosts reported as down Do you recognize any security concerns Hint use the ping utility to see if any IP within the range is reachable from the Windows machine

The Answer is in the image, click to view ...

Question: PART 2 TASK 4: Filtering, Inspecting, and Analyzing Packet Capture with Wireshark Think of the fact that a DoS attack tries to make a web

PART 2TASK 4: Filtering, Inspecting, and Analyzing Packet Capture with Wireshark

Think of the fact that a DoS attack tries to make a web resource unavailable to legitimate users by flooding the target URL/host with more requests to overwhelm the server. What can you infer from the statistical information in the Destination and Ports window as far as a DoS attack is concerned?
Cybercriminals can illegitimately use DoS attacks to extort money from companies. They may also use ransomware vis social engineering. Determine if this is a Distributed Denial of Service (DDoS) or DoS attack [hint: a DDoS attack originates from multiples sources almost simultaneously].
What is your point of view of the Rateand Percentcolumns of the Statisticsoutput with respect to the Count column? Does this information indicate any possibility of a compromise? If so, why?
Besides the DDoS attack, do you see any indication of any attack such as brute force, SQL injections attack upon analyzing the web traffic? Why or why not?
How is this indication different from the Statistics information retrieved earlier and from the perspective of this attack?
What legitimate or illegitimate role does the host/user with the 192.168.10.111 IP address play in the suspected attack?
If malicious actors got into your network to access your network security logs, how could they use the packet details to their advantage? Specifically, what utilities within Wireshark can you count on?
From the details of the packet details pane above, why do you think there are several ICMP destination ports unreachable? Does this suggest an indication of an attack? Please comment on your observations.

PART 2TASK 5, 6: Scanning Multiple Hosts and Networks with Zenmap

What is your opinion about the results and the security implications of the output of this tab? Comment on the data of interest in your findings such as host status and ports used.
How many ports are reported by the scans, and how more so many are open ports?
What is one most impactful security vulnerability in your opinion? Recommend a good mitigation strategy to address any vulnerabilities identified.
What can you say about the results when scanning multiple hosts and/or a subnet compared with the individual host scans?
Recommend a good mitigation strategy to address any vulnerabilities identified.
In your opinion, why are some hosts reported as down? Do you recognize any security concerns? [Hint: use the ping utility to see if any IP within the range is reachable from the Windows machine].

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Computer Network Questions!

Managing Scope Changes Case Study Scope changes on a project can occur regardless of how well the project is planned or executed. Scope changes can be the result of something that was omitted during...

QUIZ... Let D be a poset and let f : D D be a monotone function. (i) Give the definition of the least pre-fixed point, fix (f), of f. Show that fix (f) is a fixed point of f. [5 marks] (ii) Show that...

re Regular Languages and Finite Automata (a) Let L be the set of all strings over the alphabet {a, b} that end in a and do not contain the substring bb. Describe a deterministic finite automaton...

The standard manufacturing process for thin-film resistors produces resistors with an average of 1k and a standard deviation of 3.5 Q. Twenty samples of a new process were tested, and the data can be...

Return to www.howtoinvestigate.com. Read the section entitled Business Background Checks. a. What does a complete business investigation include? b. Suppose you hire someone to perform some work on...

=+5 What actions involving the four marketing mix elements might be used to reach the target market in question 4?

=+b) Is this model appropriate for this series? Explain.

The accountant for Nellys Dress Shop prepared the fourth quarter 2011 cash budget that appears on the following spreadsheet. Nellys has a policy to maintain a minimum cash balance of $14,000 before...

Vanishing Games Corporation (VGC) operates a massively multiplayer online game, charging players a monthly subscription of $12. At the start of January 2018, VGC's income statement accounts had zero...

you are thinking of buying a craft emporium, it is expected to generate cash flows of 30,000 per year in years 1 through 5, and $40,000 per year in 6 through 10. if the appropriate discount rate is 8...

Is Your Process Documentation a Mess? Below is an excellent video on the pitfalls of process documentation messes: https://www.youtube.com/watch?v=L5co8_S9BeU What are your thoughts?

Operation Research Problem: The Ohio water company is getting ready for the hotter months, which make it harder to obtain water. They have two water sources: some of it comes from their own aquifer,...

Suggest a standard venue and a unique venue option for each of the events listed below. The advantages and challenges associated with each venue. -Corporate Management Retreat Charity Fundraising...

Suman Corporation In mid-April, Mike Bradie, vice president of supply chain management at Suman Corporation (Suman), had become increasingly concerned about the potential shortage of supply of barac,...

Briefly describe the main purpose of normalization in database design. (3 marks) (6 marks) (b) Describe the rules of one normal form (INF), 2 NF and 3 NF. (c) You work as an administrator in UCSI Pet...

In SQL, can you specify a foreign key to non-unique columns? Why or why not?

If the amplifier indicated by the box input impedance of oo, which of the following statements are true ? has an open loop gain as well as Feedback factor (\beta = 1/ R_1\) The feedback is voltage...

Why do you think the researchers used ethanol in both the conditions? You will nd the answer later in this section.

Review the studies discussed in this section and apply the seven listed limitations to them. Is it likely that these limitations were inherent in the studies? Which of the studies were most...

Science is a logical system, but it is also a social institution. So does science develop primarily according to the laws of logic or the laws of society? There have been dierent perspectives on this...