Network Traffic Investigation
Resolve real-world alerting gaps by diving deep into live network traffic. Across three interconnected investigations, you'll expose a rogue Active Directory network harboring malware, trace an actively infected Windows host communicating with an external command-and-control server, and gather evidence of corporate policy violations, all from captured network data.
By CyberTask Engineer · Easy level
Tasks: 14 · Sections: 1 · Points: 102 · Duration: 1 hr
What You'll Learn
- Investigate three interconnected network security incidents from a single PCAP
- Detect rogue Active Directory infrastructure and malware downloads
- Profile compromised hosts and trace C2 communication channels
Prerequisites
- Basic networking knowledge
- Understanding of Active Directory concepts
Tools & Technologies
- Wireshark
- VirusTotal
- Kerberos Analysis
- DNS Tools