Question
Situation: Email Roulette You're working as an analyst at a Security Operations Center (SOC) for a Thanksgiving-themed company. One quiet evening, you hear someone knocking
Situation: Email Roulette
You're working as an analyst at a Security Operations Center (SOC) for a Thanksgiving-themed company.
One quiet evening, you hear someone knocking at the SOC entrance. As you answer the door, an exhausted mail server technician stumbles in and quickly falls to the floor. He whispers in a shaky voice, "Mail filters are down... Spam everywhere..."
As you help him up, he looks to the sky and yells, "The gates of hell have opened!"
The technician immediately collapses again and softly whispers, "The horror... The horror..."
The mail filter outage lasted throughout the next day. Fortunately, very few incidents were reported. But one example caught your eye.
During the mail filter outage, one of the company employees decided to play "email roulette." The employee opened one of the malicious emails from his inbox and treated it as a legitimate message.
1. Download this PCAP and open these emails
2. Review the sample analysis (Links to an external site.)Links to an external site. discussing these questions:
Date and approximate time of the infection.
The infected computer's IP address.
The infected computer's MAC address.
The infected computer's host name.
Which email the employee opened.
resource: http://www.malware-traffic-analysis.net/2015/11/06/index.html
Complete a 3-5 page reflection Situation #2. Given these sample incident reports, write about what you learned, what you have questions about, what you researched as part of this review, and anything else you feel is relevant.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started