Professional Documents
Culture Documents
The Exemplar Explained - Cybersecurity Incident Report - Network Traffic Analysis
The Exemplar Explained - Cybersecurity Incident Report - Network Traffic Analysis
A. The UDP protocol reveals that the DNS A. Offers a brief summary of the DNS and ICMP log analysis.
server is down or unreachable. Following the instructions, you should have identified "which network
protocol and service were impacted by this incident." The scenario states:
“[The log file] displays which protocol was used to handle communications
and which port it was delivered to. In the error log, this shows as udp port 53
unreachable. This means that the UDP protocol was used to request a domain
name resolution using the address for the DNS server over port 53.”
E. Provides the scenario, events, and symptoms identified when the event
E. Customers called the organization to was first reported:
notify the IT team they received the The Scenario states that, “A handful of customers contacted your company
message “destination port to report that they were not able to access the company website, and saw
unreachable” when they attempted to the error “destination port unreachable” after waiting for the page to load.”
visit the website.