Security Testing and Advanced Network Forensics (CSN10107) Test 2
This page defines what you need to know for the test. The main sections in the test will be:
SIEM/Splunk
This part of the test will cover some analysis of logs using Splunk. Some background material is here and you can test yourself [here]
Steganography/Data hiding
This part of the test will outline some of the methods used to hide data.
Advanced Network Forensics Analysis
You will be given a network trace and be asked to analyse it for given specifications. The following will allow you to practice your skills in protocol analysis: The test will be mainly short answer questions. These MCQ questions are there to get you thinking about analysing network protocols.
The following gives another sample trace: