Memory Analysis Lab

Time: 1 hour 30 minutes
Difficulty: Intermediate

This Virtual Lab is part of a Career Path: Become an Incident Handler
Overview

This lab is part of a series of lab exercises designed through a grant initiative by the Center for Systems Security and Information Assurance (CSSIA) and the Network Development Group (NDG) and funded by the National Science Foundation’s (NSF) Advanced Technological Education (ATE) program Department of Undergraduate Education (DUE) Award No. 0702872 and 1002746.

By the end of this lab, students will be able to use various methods to determine whether an attacker attempted a breach or successfully compromised a system. Some information about the attacker, such as the attacker's IP address, may be lost if the machine is shut down. For this reason, an investigator collects volatile data before shutting down a system.

This lab includes the following tasks:

Task 1 – Obtaining a dump of physical memory using DumpIt
Task 2 – Attacking the victim system with Armitage
Task 3 – Using Volatility to determine remote connections
