Cyber

Exam Content

1.

Top of Form

You are hired by an organization to analyze packet captures from a wireless network. You are looking to assess if the captures pose a threat.

 

Analyze the packet captures provided by Wireshark by doing the following:

 

Visit the  Gitlab SampleCaptures  webpage to download the following:  

· wpa-Induction.pcap.gz Wi-Fi 802.11 WPA traffic

· wpa-eap-tls.pcap.gz WiFi 802.11 WPA-EAP/Rekey sample

· nb6-hotspot.pcap Someone connecting to SFR's wireless community network

· ciscowl.pcap.gz (libpcap) Cisco Wireless LAN Context Control Protocol (WLCCP) version 0x0 

· wap_google.pcap contains two WSP request-response dialogs

 

Note: Only download these sample captures. Other captures may set off your computer’s system defenses.

 

Use Wireshark to view and analyze the sample captures.

 

Create a 1- to 2-page table that ranks the packet captures from the highest to lowest threat. In your table, provide the following for each packet capture:

· Description of the traffic

· Description of the risks, if any, the traffic poses to the wireless network

· Countermeasures to take to secure the network from any threat

 

Write a 2- to 3-page memo to management as a network security specialist, and ensure you do the following:

· Explain how to distinguish hostile packet data from normal packet data.

· Explain how to recognize any attack signatures in the packets you analyze.

· Provide a rationale for ranking the packets as you did.

 

Format any citations according to APA guidelines.

Bottom of Form