Skill Based Assessment (SBA) Procedure: Blue Text
Example:
2. Type your answers in blue text. The answer lines in this file may be removed.
3. Before submitting, save the file in PDF format.
4. Download and import the Security Onion SBA virtual machine (VM) OVA file into VirtualBox and
run Security Onion.
5. Answer the questions in this file with reference to the Security Onion SBA VM.
6. ALL questions MUST BE ANSWERED. No question may be left blank.
7. Submit your answers as a PDF through the link in NetAcad. Follow the instructions below.
© Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 5
Skills Assessment CCNA Cybersecurity Operations v1.0
Content for this assessment was obtained from http://www.malware-traffic-analysis.net/ and is used with
permission. We are grateful for the use of this material.
Addressing Table
The following addresses are preconfigured on the network devices. Addresses are provided for reference
purposes.
g. What is the MAC address of the internal computer involved in the events? How did you find it?
____________________________________________________________________________________
h. What are some of the Source IDs of the rules that fire when the exploit occurs? Where are the Source IDs
from?
____________________________________________________________________________________
i. Do the events look suspicious to you? Does it seem like the internal computer was infected or
compromised? Explain.
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
j. What is the operating system running on the internal computer in question?
____________________________________________________________________________________
v. What is the most common file type that is related to that vulnerable software?
____________________________________________________________________________________
w. Use ELSA to gather more evidence to support the hypothesis that the host you identified above delivered
the malware. Launch ELSA and list all hosts that downloaded the type of file listed above. Remember to
adjust the timeframe accordingly.
Were you able to find more evidence? If so, record your findings here.
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
x. At this point you should know, with quite some level of certainty, whether the site listed in Part 3b and
Part 3c delivered the malware. Record your conclusions below.
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________