Overview

Introduction: The DNS as a Remote Shell lab is a premium Cybrary lab intended for students at the intermediate level. This lab teaches students how to open a packet capture (pcap) file in Wireshark, filter the traffic stream, and examine DNS traffic for potentially malicious activity. These tasks will help students learn to identify malicious traffic occurring on the network. This is important to the work roles of Cyber Defense Analyst, Cyber Defense Incident Responder, Law Enforcement/Counterintelligence Forensic Analyst, Network Operations Specialist, and System Administrator. Upon completion of this lab, the student will be able to use Wireshark to examine pcap files for potentially malicious activity.

Skill/Activity Breakdown: The DNS as a Remote Shell lab requires students to use Wireshark to perform packet-level analysis. This develops the skill of performing packet-level analysis using appropriate tools. This skill is important for the Law Enforcement/Counterintelligence Forensics Analyst work role.

The lab also requires users to examine DNS traffic for potentially malicious activity. This helps develop knowledge of network protocols. This skill is important for the Cyber Defense Analyst, Cyber Defense Incident Responder, and System Administrator work roles.

The DNS as a Remote Shell lab introduces using Wireshark to analyze packet capture files. The student will use Wireshark to open and analyze a previously captured pcap file. The student will learn to apply filters to packet captures to look for specific activity. A general DNS filter and filters for DNS source and destination traffic will be applied. The student will also learn how to follow a traffic stream to look for malicious activity. The student could extend this lab by installing Wireshark on a personal device to examine DNS traffic.

By completing the DNS as a Remote Shell lab, the student will learn how to perform packet analysis in Wireshark, filter traffic, and examine a traffic stream. Learning these skills will help students differentiate between normal and malicious network traffic. This is important for many roles in cybersecurity.

Conclusion: The DNS as a Remote Shell lab is presented by Cybrary and was created by CYBRScore. This lab develops skill in understanding network protocols and performing packet-level analysis. This lab would be beneficial for students on the Become a Cyber Security Engineer, Become a Security Operations Center (SOC) Analyst, and Become a Network Engineer career paths. Completing the lab means the students can perform basic packet capture analysis using Wireshark and examine suspicious DNS traffic.

Click on the DNS as a Remote Shell lab to learn how to use Wireshark to examine a packet capture for suspicious DNS traffic.

Delivered By

CYBRScore

CybrScore’s hands-on training catalog is designed for learners like you to develop cybersecurity and I.T. experiential skills and assess their ability to defend networks through lab-based learning. The CybrScore catalog is composed of over 250 virtual labs curated by industry professionals to create a practical, holistic learning approach. Proven to enhance your understanding and skill level, the hands-on virtual labs provide an efficient and convenient source to further your education on your own time. The catalog is entirely browser-based, making learning accessible wherever you have internet access. Search labs based on the desired topic, skill level, or correlation to career type. You can learn individually or with your team while tracking performance using Cybrary’s data and analytic metrics. Organizations all over the world train their employees with the CybrScore catalog on Cybrary. The myriad of unlimited labs will leverage your company as you practice with premium learning resources and develop the industry’s most sought-after skills. You can also access content tailored to job roles, giving you the ability to train employees based on needed job fulfillment and skill levels. Employees can also develop and master skills essential to the positions they wish to acquire and gain the experiential skills necessary to progress in the field. Access the extensive CybrScore catalog, along with a variety of other lab vendors, through Cybrary for Business or Cybrary Insider Pro.

What is included in the CybrScore catalog?

The CybrScore catalog includes unlimited access to the industry’s most popular labs. These labs are specially tailored for training in network defense, including labs on the following topics: incident response, malware analysis, exploitation, penetration testing, vulnerability, reverse engineering, information assurance, and cyber forensics.

About CybrScore

Founded in 2014, CybrScore was developed to provide aspiring I.T. and Cybersecurity professionals the tools needed to develop hands-on skills in their chosen field. CybrScore’s ever-growing catalog is attributed to the company’s belief that learning by doing is the most effective way to master cybersecurity skills. CybrScore’s labs are helping new cybersecurity professionals break into the industry through their display of experiential knowledge acquired by lab practice and assisting professionals to advance and grow in their careers through skill advancement.

How to Access CybrScore

With this catalog of unlimited labs, you and your team will have on-demand access to CybrScore's training that can be used anytime and anywhere. These labs are included in the Cybrary for Business package, as well as Cybrary Insider Pro, and all access occurs directly through the Cybrary website. All labs are completed directly in the user’s browser and can be stopped and started at any time.