Credential stuffing has been on the rise and you have seen countless stories on your cybersecurity RSS feeds of companies having to conduct public disclosures of breaches. You know it is in the best interest of your US-based company, your US-based customers, and your CISO’s job tenure (you like her leadership style) to keep them out of the headlines, so you decide to start hunting your custom API for evidence of credential stuffing.

Your mission is to analyze this custom_api_capture.pcapng file and determine if credential stuffing is occurring!

A couple of hints to start your investigation: geo-infeasibility, impossible travel, account breach/compromise.
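
As an added illustration of the first two hints (not part of the original challenge and not derived from the capture file), the Python sketch below flags impossible travel between successful logins and source IPs that try many distinct accounts. The event tuple layout, the thresholds and the sample records are assumptions constructed for this example; geolocation is assumed to come from a prior GeoIP lookup.

```python
import math
from collections import defaultdict
from datetime import datetime

# Constructed sample: (UTC time, account, source IP, latitude, longitude, success).
EVENTS = [
    ("2019-11-18T14:00:00", "alice", "198.51.100.10", 40.71, -74.01, True),   # New York
    ("2019-11-18T14:20:00", "alice", "203.0.113.77", 52.52, 13.40, True),     # Berlin
    ("2019-11-18T14:21:00", "bob", "203.0.113.77", 52.52, 13.40, False),
    ("2019-11-18T14:21:05", "carol", "203.0.113.77", 52.52, 13.40, False),
    ("2019-11-18T14:21:09", "dave", "203.0.113.77", 52.52, 13.40, False),
    ("2019-11-18T15:00:00", "erin", "198.51.100.25", 41.88, -87.63, True),    # Chicago
    ("2019-11-18T19:00:00", "erin", "198.51.100.10", 40.71, -74.01, True),    # New York
]
MAX_KMH = 900.0     # assumed ceiling (about airliner speed); faster is impossible travel
MIN_ACCOUNTS = 4    # assumed number of distinct accounts per IP before flagging it

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def impossible_travel(events, max_kmh=MAX_KMH):
    """Return (account, previous IP, current IP) for successful logins that imply
    travelling faster than max_kmh between two different source IPs."""
    last, hits = {}, []
    for ts, user, ip, lat, lon, ok in sorted(events):  # ISO timestamps sort in time order
        if not ok:
            continue
        when = datetime.fromisoformat(ts)
        if user in last:
            p_when, p_ip, p_lat, p_lon = last[user]
            hours = (when - p_when).total_seconds() / 3600
            km = haversine_km(p_lat, p_lon, lat, lon)
            if p_ip != ip and km > 0 and (hours == 0 or km / hours > max_kmh):
                hits.append((user, p_ip, ip))
        last[user] = (when, ip, lat, lon)
    return hits

def stuffing_sources(events, min_accounts=MIN_ACCOUNTS):
    """Return source IPs that attempted logins against many distinct accounts."""
    seen = defaultdict(set)
    for _, user, ip, *_ in events:
        seen[ip].add(user)
    return sorted(ip for ip, users in seen.items() if len(users) >= min_accounts)
```

An account that appears in both result sets (a successful, geo-infeasible login from an IP that is also spraying other accounts) is the strongest candidate for an actual compromise.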

Using only the information in the screenshot below – which of the following statements is true about this packet?

NOTE: Additional padding was manually added to the end of this packet.

What is the login and password I used?

All the clues you need will be in this trace.pcapng file and the points below:

  • The trace file includes me surfing “cnn.com” as well as accessing a local device
  • The protocol I used was HTTP but not TCP port 80
  • If you find the correct IP pair, you will see me unsuccessfully try to connect on TCP port 80
  • I then try again with the correct TCP port number
  • After connecting, I log in to the device

This pcap file was collected from a wireless network on which the user is complaining of significantly slower performance and throughput. You are tasked with identifying the issue. Only one answer is correct.

This question will be available on November 25, 2019

This question will be available on December 2, 2019

This question will be available on December 9, 2019