Chapter 10: Performing Intrusion Analysis

Many organizations' systems and networks are compromised by threat actors who implant some type of malicious application that lets the victim's system establish a connection back to a command and control (C2) server. Systems infected with malware should be isolated as soon as possible, because the malware will attempt to spread across the network to infect other systems and will also attempt to connect to the C2 server for updates and instructions from the threat actor. These are just some examples of how threat actors and malware use your organization's network to do their bidding. As an up-and-coming cybersecurity professional, it's essential to understand ...

Get Cisco Certified CyberOps Associate 200-201 Certification Guide now with the O’Reilly learning platform.
