PCAP Analysis

Uploaded by ayeshar4940

Assignment brief

This individual assessment is designed to assess your ability to detect, analyse, and mitigate
sophisticated cyberattacks from a national security perspective. You will be provided with a PCAP file
containing traces of a suspected attack targeting critical national infrastructure. The assessment will
require you to identify the type of attack and its potential impact, and to gather counterintelligence to
understand the attacker's methods and objectives. Based on your analysis, you will propose defensive
countermeasures and operational strategies to prevent future attacks.

• identified during your analysis.
• plans, and threat intelligence sharing with allies.
• Bash Script Proof of Concept:
• Develop a bash script that implements some of the identified defensive measures. This
script should:
• Automate critical responses such as blocking specific IP ranges or isolating infected
network segments.
• Be capable of detecting suspicious activity based on custom-built rules or signatures.
• Run on a Kali Linux VM and generate a concise report on the defensive actions taken.

Scenario Details
The National Military Command and Control System (NMC2S) is designed to:
• Coordinate logistics and operations across the military's command units.
• Ensure secure communication between ground, naval, and air forces.
• Store and process classified defence data crucial for decision-making.
Your PCAP file contains traffic from the network during an attack window. You are expected to identify:
• Reconnaissance activity, including port scans and probes.
• Exploitation attempts, such as exploiting a known vulnerability in the command system's
software.
• Exfiltration or sabotage attempts where the attackers may have attempted to steal classified
data or disrupt communications.
Deliverables
• Technical Report:
• Detailed analysis of the attack, its implications on national security, and recommended
defence strategies.
• The report should include packet analysis from Wireshark, specific references to key
packets, and screenshots.
• You must use a formal report structure (Introduction, Body, Conclusion, References,
Appendices).
• Include a counterintelligence section that outlines your findings about the attackers,
their techniques, and potential future threats.
• Bash Script:
• A script that automates specific network defence tasks (e.g., blocking malicious IPs,
setting up alerts, or scanning for known attack signatures).
• The script must run on Kali Linux VMs provided in the lab environment.
• Ensure the script is well-commented and documented.
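As an added illustration (not part of the brief and not a submitted solution), the bash skeleton below shows one way the script deliverable described above can be structured: a custom port-scan rule applied to tshark-style flow records, a blocking action that defaults to dry-run so it can be reviewed before enforcement, and a concise report of actions taken. The flow records and the threshold of 10 distinct destination ports are constructed assumptions; on the real PCAP the records would come from `tshark -r capture.pcap -T fields -e ip.src -e ip.dst -e tcp.dstport`.

```shell
#!/usr/bin/env bash
# Added example skeleton for the defensive script deliverable (not the assignment's own code).
# Input format per line: "src_ip dst_ip dst_port", as produced by the tshark fields export above.
# Flow data and threshold below are constructed assumptions, not values from the assessment PCAP.
set -eu

SCAN_THRESHOLD=${SCAN_THRESHOLD:-10}   # custom rule: this many distinct dst ports from one source = scan
DRY_RUN=${DRY_RUN:-1}                  # 1 = print the iptables command instead of executing it

# Constructed sample flows: 203.0.113.5 probes many ports, 198.51.100.7 is ordinary HTTPS traffic.
sample_flows() {
  local p
  for p in 21 22 23 25 80 110 135 139 443 445 3389 8080; do
    echo "203.0.113.5 10.10.1.20 $p"
  done
  echo "198.51.100.7 10.10.1.20 443"
  echo "198.51.100.7 10.10.1.21 443"
}

# Rule 1 (port-scan signature): reads flow lines on stdin, prints each source IP that
# touched at least SCAN_THRESHOLD distinct destination ports, one per line, sorted.
detect_scanners() {
  awk -v t="$SCAN_THRESHOLD" '{ seen[$1 " " $3] = 1 }
       END { for (k in seen) { split(k, a, " "); n[a[1]]++ }
             for (ip in n) if (n[ip] >= t) print ip }' | sort
}

# Response action: block one source IP. Honours DRY_RUN so output can be reviewed first.
block_ip() {
  local ip=$1
  local cmd="iptables -I INPUT -s $ip -j DROP"
  if [ "$DRY_RUN" = "1" ]; then echo "[dry-run] $cmd"; else $cmd; fi
}

# Concise report: one ALERT line per detection, the action taken, and a final count.
run_report() {
  local ip count=0
  echo "== Defensive actions $(date -u +%FT%TZ) (threshold=$SCAN_THRESHOLD) =="
  for ip in $(sample_flows | detect_scanners); do
    echo "ALERT port-scan source=$ip rule=distinct-dst-ports>=$SCAN_THRESHOLD"
    block_ip "$ip"
    count=$((count + 1))
  done
  echo "blocked=$count"
}

run_report
```

Replace `sample_flows` with the tshark export of the assessment PCAP and add further rule functions alongside `detect_scanners` to cover other signatures the analysis identifies.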
