Vulnerability Scanning Package

Provided by

Enquire about this course

Overview

As an IT administrator, it;s important to be aware of the tools potential adversaries are likely to use against your networks and your applications. Not only will this help you prepare for attacks and better secure your systems, it can also identify weaknesses, misconfigurations, or unknown services on your network. And as new vulnerabilities are discovered every day, routine scanning of your network and its services lets you see whether any newly discovered vulnerabilities apply in your configuration. Labs in this category focus on systems-level scanning and exploitation.

This package includes all labs in the Vulnerability Scanning category, as well as all new labs in the category released during your subscription period. For vulnerabilities specific to web-based applications, also consider labs in our Web Application Security Analysis category. The MITRE ATT&CK Matrix is a taxonomy of adversary tactics and techniques, including detection and mitigation techniques for each. These techniques are aligned as appropriate to CYRIN exercise lab packages.

Prerequisites

Specific prerequisites vary by lab, but generally include basic knowledge of TCP/IP networking and network setup principles, and familiarity with the Unix/Linux command line.

Objectives

All CYRIN labs, exercises and attacks happen within a virtual environment. Each trainee or student gets their own virtual instance of a lab, exercise or attack, allowing training to be self-paced and available anywhere at any time. In order to meet specific training objectives, CYRIN subscriptions are sold on a packaged basis. That is, groups of CYRIN labs, exercises and/or attacks are recommended and bundled to meet the individual needs of the student.

CYRIN Vulnerability Scanning Package:

EXPECTED DURATION:

6 hours, self-paced. Pause and continue at any time.

6 CPEs awarded on successful completion.

6 months of access.

EXERCISE LAB CONTENTS:

1. Introduction to Metasploit

Students will gain experience with the widely used open source Metasploit® framework and related tools for exploiting vulnerable software and insecure system configurations. The exercise leads students through the entire process, from scanning the network to getting remote shells and accessing sensitive information. By seeing the tools available to potential attackers, students will gain a greater appreciation for the need to keep software up-to-date and securely configured.

2. Vulnerability Scanning with OpenVAS

Students will use the free OpenVAS web tool suite to identify vulnerabilities in services available on an unknown network. The network will include several targets with known-vulnerable software versions and/or configurations.

3. Automating Security Analysis with SPARTA

Students will build on the results of labs in the Web Application Security Analysis and Network Monitoring categories by using the SPARTA network infrastructure penetration testing tool, a graphical application that automates many common vulnerability assessment tasks. Students will use SPARTA within a graphical Kali Linux environment, scanning multiple unknown target systems and exploring found weaknesses.

NIST NICE FRAMEWORK

All of the CYRIN exercise labs are mapped to the NIST NICE Framework - Specialty Areas:

• Vulnerability Assessment and Management (VAM)

• Exploitation Analysis (EXP)

CYRIN training is sold on a subscription basis. All CYRIN subscriptions come with two free labs: "Getting Started with CYRIN" and "Web application Security Analysis using OWASP-ZAP". All new CYRIN courses that are added to the training platform during a subscription period will be made available to subscribers at no additional cost.

Enquire

Start date Location / delivery
No fixed date United Kingdom Book now
01132207150 01132207150

Related article

Read the latest edition of Cyber Pulse: Law enforcement takes down global cybercrime VPN services Safe-Inet; European Medicines Agency Covid-19