Analyze Malicious Activity
Welcome to the Analyze Malicious Activity practice lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.
Recognizing indicators of network and application attacks is an essential cybersecurity skill. Indicators of compromise and attack enable organizations to respond to attacks effectively and protect sensitive information.
In this module, you will become familiar with brute force attacks, command injection, and SYN flood network attacks, as well as the indications of each.
Overview
Learning Outcomes:
In this module, you will complete the following exercises:
- Exercise 1 - Observe Indications of a Brute Force Attack
- Exercise 2 - Conduct Command Injection and Observe Indications
- Exercise 3 - Observe Indications of a SYN Flood Attack
After completing this module, you should be able to:
- Perform SMB enumeration and a login attempt.
- Conduct and observe a scripted brute force attack.
- Conduct command injection.
- Create a reverse shell through command injection.
- Observe normal activity.
- Conduct and observe a SYN flood attack.
Exam Objectives:
The following exam objectives are covered in this module:
2.4 Given a scenario, analyze indicators of malicious activity
- Application attacks
- Password attacks
- Indicators
4.1 Given a scenario, apply common security techniques to computing resources
- Monitoring
4.9 Given a scenario, use data sources to support an investigation
- Log data