D412 Ticket 1 - Network Analytics and Troubleshooting 2025 Western Governors University

Help Desk Ticket 1

Malicious forward lookup zone located on host DMZ_Server_3.

[Screenshot: DNS Manager on DMZ_Server_3 (TightVNC Viewer), forward lookup zone with Start of Authority (SOA), Name Server (NS) and Host (A) records; Host (A) data 10.10.20.2]

Removed malicious forward lookup zone, resolves correctly.

[Screenshot: DNS Manager on DMZ_Server_3 (TightVNC Viewer) after the zone was removed, showing the "add a new zone" help pane, with an Administrator: Windows PowerShell window]

The tools I used were Windows cmdlets - ipconfig and Resolve-DnsName - as well as Windows DNS Manager. I used ipconfig to identify where the DNS server was located. I used Resolve-DnsName to identify where wgu.edu was maliciously pointed. To troubleshoot, I resolved wgu.edu within the USER_Net subnet and found it pointed at 10.10.20.2 - euronews. I located the DNS server and found the forward lookup zone using the Windows Server DNS application.

Help Desk Ticket 2
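The Ticket 1 troubleshooting steps above (find the client's DNS server, query it for wgu.edu, look for a locally hosted zone) can be scripted as a check. This is an added example, not part of the original write-up; the parameter name, the helper function and the private-address heuristic are assumptions, and step 3 needs the DnsServer module plus admin rights on the DNS server.

```powershell
# Added example, not from the original write-up. wgu.edu and 10.10.20.2 come from
# the ticket; all other names here are assumptions made for illustration.
param(
    [string[]]$PublicNames = @('wgu.edu')   # names expected to resolve to public addresses
)

function Test-PrivateIPv4 {
    # True for RFC 1918 addresses, such as the 10.10.20.2 answer seen in the ticket.
    param([string]$Address)
    $Address -match '^(10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)'
}

# Step 1: which DNS servers is this client configured to use (what ipconfig /all shows)?
$dnsServers = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
    Sort-Object -Unique

foreach ($server in $dnsServers) {
    foreach ($name in $PublicNames) {
        # Step 2: query that server directly, DNS protocol only (no LLMNR/NetBIOS).
        $answers = Resolve-DnsName -Name $name -Type A -Server $server -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'A' }

        foreach ($a in $answers) {
            if (Test-PrivateIPv4 $a.IPAddress) {
                # Heuristic only: legitimate split-horizon DNS also returns private answers.
                Write-Warning "$server answers $name -> $($a.IPAddress) (private address for a public name)"
            }
        }

        # Step 3: does the server host its own primary forward lookup zone for that name?
        Get-DnsServerZone -ComputerName $server -ErrorAction SilentlyContinue |
            Where-Object { -not $_.IsReverseLookupZone -and -not $_.IsAutoCreated -and
                           $_.ZoneType -eq 'Primary' -and $_.ZoneName -eq $name } |
            Select-Object @{ n = 'Server'; e = { $server } }, ZoneName, ZoneType, IsDsIntegrated
    }
}

# After review, the zone can be removed in DNS Manager as the ticket did, or with
# Remove-DnsServerZone -Name <zone> -ComputerName <server> (run it with -WhatIf first).
```

A zone listed by step 3 for a name the organisation does not own is the condition the ticket describes; re-running the script after removal should produce no warning and no zone row.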