NCAC

National Cyber Analyst Challenge

Phase I Q&A

By

Please submit questions and comments about Phase I of the National Cyber Analyst Challenge as a response to this post. We are looking forward to your Phase I submissions and the NCAC team is ready to help.

Comments

  1. Hi Munir,

    How much detail are you folks expecting within the PowerPoint slides?

    Cheers,
    Keith

  2. Keith,

    It’s going to have to be detailed. The overall exercise is asking for a report to the CEO for a cyber security event/incident. You have to show what you found in all the data and that will be specific. Show how you found it and provide recommendations.

    Thanks
    –Larry

    • Larry,

      Have you considered that ten slides (of which ~four are reserved for information not directly related to the attack) is simply not enough to provide a detailed deliverable? I would assume that for a cyber security “incident” such as this, a CEO may expect more information. In my experience, a powerpoint slide deck is designed to be a visual aid for an actual presentation. I do not believe that a ten slide powerpoint is an appropriate medium for breaking down an attack like this. This could easily be a ten page report.

      Any input on this? Advice for creating an appropriate deliverable?

      Thanks,

      Alex

  3. Hi Folks,

    Do you have a recommended Open Source tool for performing malware analysis? Preferably something that is able to run on OS X.

    Thanks!

    Cheers,
    Keith

  5. Hello again!

    Our team is curious to know if there is a cut-off between each phase of the challenge (from Phase I to Phase II, and Phase II to Phase III)? If so, how many teams are intended to pass into each successive phase?

    For example, Phase I included 11 teams, Phase II will include “X” teams, and Phase III will include “Y” teams – where “X” and “Y” are the number of teams intended to participate in each phase.

    Many thanks!

    Cheers,
    Keith