Provide steps on how to prepare the virtual environment.
In this lab, you will also review the logs to identify the compromised hosts and the content of the compromised file.
a. Download the Alternate Security Onion virtual machine.
b. Launch Oracle VirtualBox. Import the Alternate Security Onion VM.
c. Launch and log into the Alternate Security Onion VM. Log in with the user analyst
and password cyberops.
d. In the Alternate Security Onion VM, right-click the Desktop > Open Terminal Here.
Enter the sudo service nsm status command to verify that all the servers and sensors
are ready. This process could take a few moments. If some services report FAIL, repeat
the command as necessary until all the statuses are OK before moving on to the next
part.
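The repeat-until-OK check in step d can be scripted. The shell functions below are an added example, not part of the original lab: the names nsm_not_ready, wait_for_nsm and sample_status are hypothetical, the retry count and delay are assumed, and the sample input is constructed.

```shell
# Added example (not from the lab): readiness check for `service nsm status`.
# nsm_not_ready reads the status output on stdin, prints each component that
# is not ready, and returns 0 only when every component is OK or running.
nsm_not_ready() {
    awk '
        /^Status:/ { section = $2; next }      # e.g. "Status: Bro"
        /^[ \t]*\*/ {                          # "* name (detail) [ OK ]"
            seen++
            if ($0 !~ /\[[ \t]*OK[ \t]*\]/) {
                sub(/^[ \t]*\*[ \t]*/, "")
                print section ": " $0
                bad++
            }
            next
        }
        # Bro table rows: Name Type Host Status Pid Started
        section == "Bro" && $1 != "Name" && NF >= 4 {
            seen++
            if ($4 != "running") { print "Bro: " $1 " is " $4; bad++ }
        }
        END { exit (bad > 0 || seen == 0) }    # no parsed lines = not ready
    '
}

# wait_for_nsm repeats the lab command until all statuses are OK.
# The retry count and delay are assumed defaults, not values from the lab.
wait_for_nsm() {
    tries=${1:-10} delay=${2:-15}
    while [ "$tries" -gt 0 ]; do
        sudo service nsm status 2>&1 | nsm_not_ready && return 0
        tries=$((tries - 1)); sleep "$delay"
    done
    return 1
}

# Constructed sample (not lab output): a Bro worker and snort-1 are not ready.
sample_status() {
    cat <<'EOF'
Status: securityonion
  * sguil server [ OK ]
Status: Bro
Name Type Host Status Pid Started
seconion-eth0-1 worker localhost stopped
Status: seconion-eth0
  * snort-1 (alert data) [ FAIL ]
EOF
}
```

The sample output that follows is the lab's own output of sudo service nsm status, which is the format nsm_not_ready parses.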
```
analyst@SecOnion:~/Desktop$ sudo service nsm status
Status: securityonion
  * sguil server                                [ OK ]
Status: HIDS
  * ossec_agent (sguil)                         [ OK ]
Status: Bro
Name            Type    Host      Status  Pid   Started
manager         manager localhost running 5577  26 Jun 10:04:27
proxy           proxy   localhost running 5772  26 Jun 10:04:29
seconion-eth0-1 worker  localhost running 6245  26 Jun 10:04:33
seconion-eth1-1 worker  localhost running 6247  26 Jun 10:04:33
seconion-eth2-1 worker  localhost running 6246  26 Jun 10:04:33
Status: seconion-eth0
  * netsniff-ng (full packet data)              [ OK ]
  * pcap_agent (sguil)                          [ OK ]
  * snort_agent-1 (sguil)                       [ OK ]
  * snort-1 (alert data)                        [ OK ]
  * barnyard2-1 (spooler, unified2 format)      [ OK ]
```