I have Homework

in /by

I have Homework

Activity 2: Analyzing a Malicious Domain Using a Passive Domain Name System (DNS) and Online Scanning Virus Tool

In this task will you analyze a malicious domain using a passive DNS. A passive DNS is a tool that enables a cyber forensic examiner to collect information about a malicious domain using public DNS data. For this task you will use an online passive DNS called Robtex (https://www.robtex.com/) to collect public DNS data on a malicious domain, knigazdorovya.com (this is phishing domain).

To collect more threat intelligence, use virustotal.com too. The whole idea behind this activity to gain some insight into cyberspace threat landscape – this is insight is useful in making critical decision in event of data breach.

Use the following steps to the perform the analysis on the domain:

  • Start your Ubuntu VM
  • Login into Ubuntu to access the desktop
  • Launch the VM’s web browser, which is Firefox (this is installed by default)
  • Enter https://www.robtex.com/ in the web browser’s address bar to launch Robtex passive DNS
  • Type the malicious domain within Robtex’s search box and click go
  • Robtex will return results corresponding to the cancerlove.org domain and other similar domains.
  • The output from the passive DNS is detailed take some time to study it and then answer the following questions.

Questions:

  • Which IP addresses does the domain use?
  • Where is the knigazdorovya.com domain located or host?
  • Mention 3 domains that use the same IP addresses as knigazdorovya.com?
  • What mail servers does knigazdorovya.com use?
  • Where are the name servers and mail servers associated with this domain knigazdorovya.com geolocated?
  • In event of a cyber-attack targeting US organizations and businesses , does US have jurisdiction to prosecute ISPs hosting this domain and any of its associated name and mail server domains? Why or Why not?

"You need a similar assignment done from scratch? Our qualified writers will help you with a guaranteed AI-free & plagiarism-free A+ quality paper, Confidentiality, Timely delivery & Livechat/phone Support.


Discount Code: CIPD30



Click ORDER NOW..

order custom paper