Student Exercises Complete all tasks below, providing explanation on how you identified your answers. You should write a lab report responding to all questions and points outlined below. Screenshots should be used but sparingly and only of the relevant information, not your whole desktop. Make sure that the events are understandable, as some PCAP files will require more complex analysis than others. Any of the tools discussed in the labs so far can be used You are Security Operations Center Analyst for GlobalComm. Over the last few hours, the SOC has received a number of alerts and has tasked you with providing an analysis. Investigate the following PCAPs and write a report to the CISO of GlobalComm. Provide a "story" around each PCAP file observed in your analysis. There should be a start, middle and ending. Take into account time line between events and alerts. Additional research around the events is encouraged. Include hosts impacted by the events. Remediation recommendations should be provided for each incident to prevent this from happening in the future Task 2 - Access Control Lists - Extra Credit 15 pts Use IPTables to create the following ACL's on your SecurityOnion VM. Use Wireshark to observe the traffic Block Traffic to an IP Address . On SecurityOnion, create an outbound ACL to block traffic to a particular IP address Attempt to visit the site and capture the traffic with wireshark o What occurs to the packets when they try to access the blocked IP? o What TCP flags are used in this situation? Block Protocol On SecurityOnion, create an outbound ACL to block ICMP traffic Attempt to ping that IP Address and capture the traffic with wireshark o Whatoccrs to the packets when they try use the blocked protocol? Page 1