Using the Web-Content Discovery Report (2810)
Scenario:
You're tasked with using Threat Defense’s Web Content Discovery Reports to collect information about your users' web traffic patterns and to determine whether they are accessing domains that might be risky or malicious for a corporate environment.
Estimated Completion Time
20-30 Minutes
Prerequisites
Administrative access to the Infoblox Portal
Enabling the DNS Forwarding Proxy Service (DFP) on a NIOS-X Server (2802)
Tasks
Investigate web content usage.
Task 1: Investigate Web Content Usage
On your lab’s jump desktop, use the Education Infoblox Portal credentials to log in to the Infoblox Portal.
Use Web-Content Discovery’s tabs to answer the following questions:
How many content categories have been detected in our environment?
How many high-risk categories have been detected in the past week?
What are the Top 3 detected high-risk content categories?
How many requests have been detected for the following content categories:
Search Engines
International News
Content Servers
List the three device IPs with the highest web content usage.
Solutions
Task 1 Solution: Investigate Web Content Usage
Please note that your report data might not exactly match the screenshots and answers provided.
In this task, we will use Web Content Discovery’s various tabs and reports to answer the questions below.
Log in to your lab’s jump desktop.
Use your Education Infoblox Portal credentials to log in to the Infoblox Portal.
Navigate to Monitor → Reports → Security → Web Content Discovery
Navigate to the Summary tab
Under the cards section
How many content categories have been detected in our environment?
191 based on the Total Categories card
How many high-risk categories have been detected in the past week?
In the past week, we had 10 high-risk categories detected based on the High Risk Categories card
Under the HIGH-RISK CATEGORIES widget
What are the Top 3 detected high-risk content categories?
Uncategorized with 216 requests
Parked & For Sale Domains with 47 requests
Piracy & Copyright Theft with 42 requests
Navigate to the Categories tab
How many requests have been detected for the following content categories:
Please note that lab traffic is randomized, so some categories might not be detected in your lab environment; in that case, the answer will be zero requests.
Search Engines have 401 requests
International News has 615 requests
Content Servers have 3571 requests
Navigate to the Devices tab
List the 3 Device IPs with the highest application usage.
185.64.245.49
172.31.13.202
172.31.87.16