Exam Content
1. You are hired by an organization to analyze packet captures from a wireless network. You are looking to assess if the captures pose a threat.
Analyze the packet captures provided by Wireshark by doing the following:
Visit the GitLab SampleCaptures webpage to download the following:
   o wpa-Induction.pcap.gz: Wi-Fi 802.11 WPA traffic
   o wpa-eap-tls.pcap.gz: WiFi 802.11 WPA-EAP/Rekey sample
   o nb6-hotspot.pcap: Someone connecting to SFR's wireless community network
   o ciscowl.pcap.gz (libpcap): Cisco Wireless LAN Context Control Protocol (WLCCP) version 0x0
   o wap_google.pcap: contains two WSP request-response dialogs
Note: Only download these sample captures. Other captures may set off your computer’s system defenses.
Use Wireshark to view and analyze the sample captures.
Create a 1- to 2-page table that ranks the packet captures from the highest to lowest threat. In your table, provide the following for each packet capture:
   o Description of the traffic
   o Description of the risks, if any, the traffic poses to the wireless network
   o Countermeasures to take to secure the network from any threat
Write a 2- to 3-page memo to management as a network security specialist, and ensure you do the following:
   o Explain how to distinguish hostile packet data from normal packet data.
   o Explain how to recognize any attack signatures in the packets you analyze.
   o Provide a rationale for ranking the packets as you did.
Format any citations according to APA guidelines.