PCAP
This individual assessment is designed to assess your ability to detect, analyse, and mitigate sophisticated cyberattacks from a national security perspective. You will be provided with a PCAP file containing traces of a suspected attack targeting critical national infrastructure. The assessment requires you to identify the type of attack and its potential impact, and to gather counterintelligence in order to understand the attacker's methods and objectives. Based on your analysis, you will propose defensive countermeasures and operational strategies to prevent future attacks.
Scenario Details
The National Military Command and Control System (NMC2S) is designed to:
• Coordinate logistics and operations across the military's command units.
• Ensure secure communication between ground, naval, and air forces.
• Store and process classified defence data crucial for decision-making.
Your PCAP file contains traffic from the network during an attack window. You are expected to identify:
• Reconnaissance activity, including port scans and probes.
• Exploitation attempts, such as exploiting a known vulnerability in the command system's software.
• Exfiltration or sabotage attempts where the attackers may have attempted to steal classified data or disrupt communications.
Deliverables
• Technical Report:
  • Detailed analysis of the attack, its implications for national security, and recommended defence strategies.
  • The report should include packet analysis from Wireshark, specific references to key packets, and screenshots.
  • You must use a formal report structure (Introduction, Body, Conclusion, References, Appendices).
  • Include a counterintelligence section that outlines your findings about the attackers, their techniques, and potential future threats.
• Bash Script:
  • A script that automates specific network defence tasks (e.g., blocking malicious IPs, setting up alerts, or scanning for known attack signatures).
  • The script must run on the Kali Linux VMs provided in the lab environment.
  • Ensure the script is well-commented and documented.
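An added example of the kind of defence script the brief asks for, written here for illustration and not part of the assessment materials: it flags port-scan reconnaissance by counting distinct destination ports per source/destination pair and turns the flagged sources into block rules. The input format is assumed to be a tab-separated field export (the shape a `tshark -T fields` run would produce); the sample rows, IP addresses and threshold are constructed.

```shell
#!/usr/bin/env bash
# Port-scan detector and block-rule generator for a PCAP field export.
# Assumed input: one TCP SYN per line as "src_ip<TAB>dst_ip<TAB>dst_port",
# e.g. from: tshark -r capture.pcap -Y 'tcp.flags.syn==1' -T fields \
#              -e ip.src -e ip.dst -e tcp.dstport
set -u

# Constructed sample export (not from any real capture):
# 203.0.113.7 probes six ports on 10.0.0.5; 198.51.100.5 is normal traffic.
sample_export() {
  printf '%s\t%s\t%s\n' \
    203.0.113.7  10.0.0.5 22 \
    203.0.113.7  10.0.0.5 23 \
    203.0.113.7  10.0.0.5 80 \
    203.0.113.7  10.0.0.5 443 \
    203.0.113.7  10.0.0.5 3389 \
    203.0.113.7  10.0.0.5 8080 \
    203.0.113.7  10.0.0.5 22 \
    198.51.100.5 10.0.0.5 443 \
    198.51.100.5 10.0.0.9 22 \
    198.51.100.5 10.0.0.5 443
}

# detect_port_scans THRESHOLD  (reads the export on stdin)
# Prints "src_ip dst_ip distinct_ports" for every pair that touched at
# least THRESHOLD distinct destination ports, highest count first.
detect_port_scans() {
  local threshold="$1"
  awk -F'\t' -v th="$threshold" '
    NF >= 3 && $3 != "" {
      key = $1 " " $2
      if (!((key, $3) in seen)) { seen[key, $3] = 1; ports[key]++ }
    }
    END { for (k in ports) if (ports[k] >= th) print k, ports[k] }
  ' | sort -k3,3nr
}

# build_block_rules THRESHOLD  (reads the export on stdin)
# Emits one iptables DROP rule per flagged source. Rules are printed rather
# than applied so an analyst can review them before loading them on the VM.
build_block_rules() {
  detect_port_scans "$1" | awk '{print $1}' | sort -u |
    while read -r ip; do echo "iptables -A INPUT -s $ip -j DROP"; done
}

# Stand-alone demo over the constructed sample (threshold: 5 distinct ports).
sample_export | detect_port_scans 5
sample_export | build_block_rules 5
```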