SY110 - Lab

Securing Networks

Learning Outcomes

After completing these activities you should be able to:

  • Access the VDE
  • Access the Wireshark application
  • Utilize network tools to troubleshoot network connections
  • Capture and observe network traffic of an attack
  • Evaluate the source of the attack and implement a firewall packet filter rule
  • Apply knowledge from the TCP/IP Stack and Network Security Architectures classes


Lab and Overview

In last week’s lab, you analyzed previously captured network traffic using Wireshark. You explored basic protocols like ARP, ICMP, DNS, and HTTP, and learned how to interpret what normal traffic looks like on a network.

This week, you’ll take it a step further by capturing live traffic using Wireshark. This will give you real-time insight into what's happening on the network as it unfolds - a key skill for any network defender. You'll use that information, along with some basic network troubleshooting, to identify and stop malicious traffic impacting system availability.

Specific lab directions are posted in Blackboard. Most actions will be performed through virtual machines using the vSphere Client. You may also wish to review lectures on the network stack and Network Security Architectures.

NOTE: Although the lab directions will direct a designated 'group leader' to perform most command-line actions, all lab group members must answer all lab questions. You must work as a team, not leave everything to the group leader!