Level 1: CYRIN Enterprise Instructional Labs

Overview

Level 1 CYRIN Enterprise Instructional Labs includes access to the entire set of CYRIN cybersecurity labs. Currently over 40 exercise labs are available, with more coming each quarter. Lab categories include Cyber Forensics, Secure Network Setup, and many others; see 'Exercise Lab Contents' for a preview of each. Each exercise lab is approximately two hours long and self-paced. Labs can be paused, continued, or repeated at any time. CPEs are awarded on successful completion of each lab.

1. Getting Started with CYRIN

2. Introductory IDS Configuration with Snort

3. Intrusion Detection using Zeek (formerly Bro)

4. Firewall Configuration with VyOS

5. Firewall Configuration with Iptables

6. Firewall Configuration with pfSense

7. VPN Server Configuration with OpenVPN

8. Split-Horizon DNS Configuration using BIND

9. Host IDS Setup with OSSEC

10. Using Active Directory to Manage Domain User Accounts

11. SSH Server Configuration

12. Identifying Live Machines and Services on an Unknown Network

13. Service Identification I

14. Service Identification II

15. Log Analysis with RSYSLOG

16. Log Analytics with Splunk

17. Log Analytics with Elastic Stack

18. Introduction to Metasploit

19. Vulnerability Scanning with OpenVAS

20. Automating Security Analysis with SPARTA

21. Secure Configuration of the Apache Web Server

22. Secure SSL Configuration in Apache

23. Web Application Security Analysis using OWASP-ZAP

24. Web Application Security Analysis using Nikto

25. Web Application Security Analysis using Vega

26. Web Application Security Analysis using Burp Suite

27. Detecting and Exploiting SQL Injection Vulnerabilities

28. Web Site Reconnaissance

29. DoS Attacks and Defences

30. Protocol Analysis I: Wireshark Basics

31. Protocol Analysis II: Extracting Data from Network Traffic

32. Handling Potential Malware

33. Introductory File System Forensics

34. Live Forensics using GRR

35. Introduction to P2P Forensics

36. Introduction to Memory Analysis with Volatility

37. Introduction to Memory Analysis with Rekall

38. Windows Forensics Artefacts

39. Advanced P2P Forensics

40. eMule P2P Forensics

41. Introduction to Jenkins CI/CD Pipelines

42. Introduction to Shell Scripts

Want to try out a lab? The Web Application Security Analysis with OWASP-ZAP lab is available FREE for 30 days. Cost for an annual subscription includes existing labs and all new labs during a 12-month period. Bulk discounts are available.

Prerequisites

Prerequisites vary by lab but are generally: familiarity with the Unix/Linux command line, basic networking concepts (TCP/IP, DNS, etc.), and basic cyber-forensic concepts (for forensics labs).

Outline

All CYRIN labs, exercises and attacks happen within a virtual environment. Each trainee or student gets their own virtual instance of a lab, exercise or attack, allowing training to be self-paced and available anywhere at any time. In order to meet specific training objectives, CYRIN subscriptions are sold on a packaged basis. That is, groups of CYRIN labs, exercises and/or attacks are recommended and bundled to meet the individual needs of the student.

EXPECTED DURATION:

80 hours, self-paced. Pause and continue at any time.

80 CPEs awarded on successful completion.

12 months of access.

EXERCISE LAB CONTENTS:

1. Getting Started with CYRIN

An introduction to CYRIN features, as well as an introduction to the Linux Terminal, Windows PowerShell, and shell commands.

2. Introductory IDS Configuration with Snort

Students will learn how to configure an Intrusion Detection System (IDS) to examine traffic to/from a firewall. The popular Snort® IDS will be used in this exercise. The exercise will include both harmless background traffic and potentially malicious traffic to be detected by Snort.

3. Intrusion Detection using Zeek (formerly Bro)

Students will learn how to deploy, configure and customize a Zeek Network Intrusion Detection System (NIDS). They will customize Zeek to generate enterprise-specific logs and to send email notifications of events of interest. They will also create a simple Zeek plugin, using the Zeek scripting language, to detect and block brute-force SSH login attempts.

4. Firewall Configuration with VyOS

Students will configure a network firewall using the VyOS router appliance, which mimics physical router hardware. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. Students will set up a partitioned network and a DMZ area to isolate specific enterprise services, such as an e-mail server. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.

5. Firewall Configuration with Iptables

Students will configure a network firewall using the standard Linux iptables module. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. More advanced techniques such as port knocking will also be introduced. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.

6. Firewall Configuration with pfSense

Students will learn to secure and configure the widely used, open-source pfSense firewall. They will learn to create firewall rules, the order in which rules are applied, how pfSense aliases can be used to simplify the pfSense rule set, and how to secure pfSense itself. They will also learn to view statistics and logs collected by pfSense.

7. VPN Server Configuration with OpenVPN

Students will learn to configure and set up an OpenVPN server. OpenVPN is an open-source virtual private network (VPN) solution. VPNs extend a private network over a public network, allowing users to send and receive data across public networks as if they were directly connected to the private network.

8. Split-Horizon DNS Configuration using BIND

Hackers shouldn't be able to explore your internal network. To make sure they do not, you need to learn about split-horizon DNS configuration. And it might help to know something about BIND, probably the most used DNS software on the internet.

9. Host IDS Setup with OSSEC

Students learn how to configure and run the widely-used, free OSSEC Host Intrusion Detection System (HIDS). During the exercise, students will learn how to check for rootkits using OSSEC, how to verify file integrity, how to set up passive and active responses, and more. Host intrusion detection is critical to maintaining a secure system, and is required by HIPAA and PCI regulations, both of which OSSEC can help you meet.

10. Using Active Directory to Manage Domain User Accounts

Students learn to use the Windows Active Directory service to create and manage domain user accounts. They also learn to set up security policies and assign these policies to users and organizational units.

11. SSH Server Configuration

Students learn the proper setup of the OpenSSH remote administration tool, including security-relevant settings. During the exercise, students will learn best practices such as host filtering, public-key or Kerberos authentication, and PAM integration.

12. Identifying Live Machines and Services on an Unknown Network

Students will use tools such as nmap, unicornscan, and fping to identify systems on a local network, including both Unix and Windows targets. Students will identify the operating systems these systems are running, as well as the types of network services they are providing.

13. Service Identification I

Students will use multiple tools to identify services, including software package and version information, running on unknown systems. Network services to be targeted will include those running on non-standard ports or behind firewall rules.

14. Service Identification II

Students will build on the Service Identification I exercise to use service-specific information-gathering tools. Students will gather vendor, software, and version information, as well as any configuration information available remotely. Students will then use scripting tools to automate this process.

15. Log Analysis with RSYSLOG

This lab teaches students to set up and configure a central RSYSLOG server that will receive and store logs from FreeBSD, Linux and Windows clients.

16. Log Analytics with Splunk

In this lab the student will learn how to configure and securely run the Splunk Enterprise security information collection and analysis platform. The objective of the lab is to deploy multiple instances of Splunk data forwarders through a deployment server and analyse the logs received from the servers. The student will write custom scripts to generate logs, create both visual and textual reports, organize these reports into a single dashboard, and learn to recognize malicious activity.

17. Log Analytics with Elastic Stack

Elastic Stack is a group of services designed to take data from almost any type of source and in almost any type of format, and to search, analyze and visualize that data in real time. In this lab, Elastic Stack will be used for log analytics. Students will learn to set up and run the Elasticsearch, Logstash and Kibana components of Elastic Stack. Multiple computers in a small network will forward their logs to a central server where they will be processed by Elastic Stack. Students will use Kibana to view logs, filter them and set up dashboards. Information in the logs will be used to identify and block an on-going attack.

18. Introduction to Metasploit

Students will gain experience with the widely used open source Metasploit® framework and related tools for exploiting vulnerable software and insecure system configurations. The exercise leads students through the entire process, from scanning the network to getting remote shells and accessing sensitive information. By seeing the tools available to potential attackers, students will gain a greater appreciation for the need to keep software up-to-date and securely configured.

19. Vulnerability Scanning with OpenVAS

Students will use the free OpenVAS web tool suite to identify vulnerabilities in services available on an unknown network. The network will include several targets with known-vulnerable software versions and/or configurations.

20. Automating Security Analysis with SPARTA

Students will build on the results of labs in the Web Application Security Analysis and Network Monitoring categories by using the SPARTA network infrastructure penetration testing tool, a graphical application that automates many common vulnerability assessment tasks. Students will use SPARTA within a graphical Kali Linux environment, scanning multiple unknown target systems and exploring found weaknesses.

21. Secure Configuration of the Apache Web Server

Students will learn how to set up a web server securely by configuring the commonly used Apache HTTP Server® on a Linux system. Security options will be explored, including location/directory restrictions, permissions, authentication, and SSL configuration.

22. Secure SSL Configuration in Apache

Students will build on the basic Apache configuration exercise to configure Secure Sockets Layer (SSL) encryption for the Apa

Start date: No fixed date

Location / delivery: United Kingdom
