Project Ares Mission - Stop Malicious Process - Operation Artic Cobra
Provided by QA
Overview
Missions are scenarios designed to help train and assess the skill levels of learners within a realistic story that is either offensive or defensive (e.g. a ransomware attack on a hospital). The network environment is more complex than a Battle Room scenario and requires the learner(s) to combine multiple skill sets to complete the learning objectives. Missions are played individually, or in teams to learn together. Facilitators can also choose to enable or disable hints and enter the scenario to tailor the learning experience.
Players enter an environment, are given mission orders and rules of engagement, and must use their skills to complete objectives.
Mission Activity (Blue Team - Defensive)
A family of Trojans (i.e. ZeuS, Dyre, Dridex, SpyEye) causing a surge of identity thefts has attacked institutions on a global scale. Due to the potentially destabilizing economic impact, the International Cyber Defence Organization has been called upon for assistance. You are being deployed to find and remove any trace of this infection that has exfiltrated identity information from the headquarters of Rahatalo, Regional Bank in southern Finland.
Learners should have a basic understanding of application layer networking, the Linux CLI, packet capture and analysis, and best practices for containing and eradicating malware.
Objectives
The learner will analyse network traffic to find and stop all malicious processes attacking this financial institution. They must stop exfiltration and analyse the extent of the data loss while ensuring that no further infections can occur by eradicating all aspects of the Trojan.
Outline
Mission Video Briefing
- Load Time - Easy: 5 min; Medium: 14 min
- Time Limit - 8 hrs
- # of Tasks - 4
- Hints - Yes
- Save Session - Yes
- Team Based - Yes
Start date | Location / delivery |
---|---|
No fixed date | United Kingdom |