Need some pointers on the second question of this module. Question is “Which employee is suspected of preforming potentially malicious actions in the live environment?”
I did a 10 minute packet capture, got over 500 packets, and still can’t figure this out. I followed the HTTP stream and also found no “file.jpeg”. Any help would be appreciated.