Students analyze suspicious network traffic moving in and out of a US military aide’s personal laptop. Using packet capture (PCAP) files, they will determine if it was infected by malware and if so what malware and how the infection occurred.
OBJECTIVE: Analyze suspicious network traffic in a PCAP using Snort and Wireshark.
OBJECTIVE: Recognize a cushion redirect in network traffic.
OBJECTIVE: Recognize the identifying features of a specific exploit kit.
OBJECTIVE: Recognize a malware payload being transferred to a targeted host.