You give it an internal VLAN and watch for the malware trying to use it (assuming you disabled your physical network card on-system first before executing the code.)

It's a system set up to act like it's got internet connections, but it does not. You use sneakernet to transfer files.