Network-based attacks are the most common way that attackers can deliver malware and exfiltrate data from your computer systems. A network analysis discovers the who, when, and what of a network attack.
Scenario: A recent network intrusion from an unknown attacker exfiltrated critical data from your company’s next-generation computing platform. You have been called in to examine the data capture from the network.
In a Word document a minimum of 350 words in length, document the process as you go so it can be replicated; use screen captures to prove completion of each step.
This assignment requires the use of the following resource, located in the Student Success Center: Digital Forensics: ITT-375 Topic 6 Assignment: NetCap.
Using the network capture, conduct the following investigation:
- What was the attacker’s IP address?
- What was the target server’s IP address?
- What tool(s) did the attacker use to locate the target server, and what did they do?
- What tool(s) did the attacker use to exploit the target server? What vulnerability (port) did the attacker exploit?
- What was the name of the file that the attacker exfiltrated?
- Report the findings of your investigation. As this is part of an investigation, you need to provide your step-by-step process.
- From a biblical perspective, “We are the clay, and God is the potter.” Technology is a tool in human hands and it cannot be greater than its wielder, but sometimes it is used maliciously, as in the data breach in this scenario. Examine the application of the Christian worldview within the context of cybersecurity by providing your insights on hackers.