Level 1: CYRIN Enterprise Instructional Labs
Provided by QA
Overview
Level 1 CYRIN Enterprise Instructional Labs includes access to the entire set of CYRIN cybersecurity labs. Currently over 40 exercise labs are available, with more coming each quarter. Lab categories include Cyber Forensics, Secure Network Setup, and many others; see 'Exercise Lab Contents' for a preview of each. Each exercise lab is approximately two hours long and self-paced. Labs can be paused, continued, or repeated at any time. CPEs are awarded on successful completion of each lab.
1. Getting Started with CYRIN
2. Introductory IDS Configuration with Snort
3. Intrusion Detection using Zeek (formerly Bro)
4. Firewall Configuration with VyOS
5. Firewall Configuration with Iptables
6. Firewall Configuration with pfSense
7. VPN Server Configuration with OpenVPN
8. Split-Horizon DNS Configuration using BIND
9. Host IDS Setup with OSSEC
10. Using Active Directory to Manage Domain User Accounts
11. SSH Server Configuration
12. Identifying Live Machines and Services on an Unknown Network
13. Service Identification I
14. Service Identification II
15. Log Analysis with RSYSLOG
16. Log Analytics with Splunk
17. Log Analytics with Elastic Stack
18. Introduction to Metasploit
19. Vulnerability Scanning with OpenVAS
20. Automating Security Analysis with SPARTA
21. Secure Configuration of the Apache Web Server
22. Secure SSL Configuration in Apache
23. Web Application Security Analysis using OWASP-ZAP
24. Web Application Security Analysis using Nikto
25. Web Application Security Analysis using Vega
26. Web Application Security Analysis using Burp Suite
27. Detecting and Exploiting SQL Injection Vulnerabilities
28. Web Site Reconnaissance
29. DoS Attacks and Defences
30. Protocol Analysis I: Wireshark Basics
31. Protocol Analysis II: Extracting Data from Network Traffic
32. Handling Potential Malware
33. Introductory File System Forensics
34. Live Forensics using GRR
35. Introduction to P2P Forensics
36. Introduction to Memory Analysis with Volatility
37. Introduction to Memory Analysis with Rekall
38. Windows Forensics Artefacts
39. Advanced P2P Forensics
40. eMule P2P Forensics
41. Introduction to Jenkins CI/CD Pipelines
42. Introduction to Shell Scripts
Want to try out a lab? The Web Application Security Analysis with OWASP-ZAP lab is available FREE for 30 days. Cost for an annual subscription includes existing labs and all new labs during a 12-month period. Bulk discounts are available.
Prerequisites
Prerequisites vary by lab but are generally: familiarity with the Unix/Linux command line, basic networking concepts (TCP/IP, DNS, etc.), and basic cyber-forensic concepts (for forensics labs).
Outline
All CYRIN labs, exercises and attacks happen within a virtual environment. Each trainee or student gets their own virtual instance of a lab, exercise or attack, allowing training to be self-paced and available anywhere at any time. In order to meet specific training objectives, CYRIN subscriptions are sold on a packaged basis. That is, groups of CYRIN labs, exercises and/or attacks are recommended and bundled to meet the individual needs of the student.
EXPECTED DURATION:
80 hours, self-paced. Pause and continue at any time.
80 CPEs awarded on successful completion.
12 months of access.
EXERCISE LAB CONTENTS:
1. Getting Started with CYRIN
An introduction to CYRIN features, as well as an introduction to the Linux Terminal, Windows PowerShell, and shell commands.
2. Introductory IDS Configuration with Snort
Students will learn how to configure an Intrusion Detection System (IDS) to examine traffic to/from a firewall. The popular Snort® IDS will be used in this exercise. The exercise will include both harmless background traffic and potentially malicious traffic to be detected by Snort.
3. Intrusion Detection using Zeek (formerly Bro)
Students will learn how to deploy, configure and customize a Zeek Network Intrusion Detection System (NIDS). They will customize Zeek to generate enterprise-specific logs and to send email notifications of events of interest. They will also create a simple Zeek plugin, using the Zeek scripting language, to detect and block brute-force SSH login attempts.
4. Firewall Configuration with VyOS
Students will configure a network firewall using the VyOS router appliance, which mimics physical router hardware. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. Students will set up a partitioned network and a DMZ area to isolate specific enterprise services, such as an e-mail server. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.
5. Firewall Configuration with Iptables
Students will configure a network firewall using the standard Linux iptables module. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. More advanced techniques such as port knocking will also be introduced. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.
6. Firewall Configuration with pfSense
Students will learn to secure and configure the widely used, open-source pfSense firewall. They will learn to create firewall rules, the order in which rules are applied, how pfSense aliases can be used to simplify the pfSense rule set, and how to secure pfSense itself. They will also learn to view statistics and logs collected by pfSense.
7. VPN Server Configuration with OpenVPN
Students will learn to configure and set up an OpenVPN server. OpenVPN is an open-source virtual private network (VPN) solution. VPNs extend a private network over a public network, allowing users to send and receive data across public networks as if they were directly connected to the private network.
8. Split-Horizon DNS Configuration using BIND
Hackers shouldn't be able to explore your internal network. To make sure they do not, you need to learn about split-horizon DNS configuration. And it might help to know something about BIND, probably the most used DNS software on the internet.
9. Host IDS Setup with OSSEC
Students learn how to configure and run the widely-used, free OSSEC Host Intrusion Detection System (HIDS). During the exercise, students will learn how to check for rootkits using OSSEC, how to verify file integrity, how to set up passive and active responses, and more. Host intrusion detection is critical to maintaining a secure system, and is required by HIPAA and PCI regulations, both of which OSSEC can help you meet.
10. Using Active Directory to Manage Domain User Accounts
Students learn to use the Windows Active Directory service to create and manage domain user accounts. They also learn to set up security policies and assign these policies to users and organizational units.
11. SSH Server Configuration
Students learn the proper setup of the OpenSSH remote administration tool, including security-relevant settings. During the exercise, students will learn best practices such as host filtering, public-key or Kerberos authentication, and PAM integration.
12. Identifying Live Machines and Services on an Unknown Network
Students will use tools such as nmap, unicornscan, and fping to identify systems on a local network, including both Unix and Windows targets. Students will identify the operating systems these systems are running, as well as the types of network services they are providing.
13. Service Identification I
Students will use multiple tools to identify services, including software package and version information, running on unknown systems. Network services to be targeted will include those running on non-standard ports or behind firewall rules.
14. Service Identification II
Students will build on the Service Identification I exercise to use service-specific information-gathering tools. Students will gather vendor, software, and version information, as well as any configuration information available remotely. Students will then use scripting tools to automate this process.
15. Log Analysis with RSYSLOG
This lab teaches students to set up and configure a central RSYSLOG server that will receive and store logs from FreeBSD, Linux and Windows clients.
16. Log Analytics with Splunk
In this lab the student will learn how to configure and securely run the Splunk Enterprise security information collection and analysis platform. The objective of the lab is to deploy multiple instances of Splunk data forwarders through a deployment server and analyse the logs received from the servers. The student will write custom scripts to generate logs, create both visual and textual reports, organize these reports into a single dashboard, and learn to recognize malicious activity.
17. Log Analytics with Elastic Stack
Elastic Stack is a group of services designed to take data from almost any type of source and in almost any type of format, and to search, analyze and visualize that data in real time. In this lab, Elastic Stack will be used for log analytics. Students will learn to set up and run the Elasticsearch, Logstash and Kibana components of Elastic Stack. Multiple computers in a small network will forward their logs to a central server where they will be processed by Elastic Stack. Students will use Kibana to view logs, filter them and set up dashboards. Information in the logs will be used to identify and block an ongoing attack.
18. Introduction to Metasploit
Students will gain experience with the widely used open source Metasploit® framework and related tools for exploiting vulnerable software and insecure system configurations. The exercise leads students through the entire process, from scanning the network to getting remote shells and accessing sensitive information. By seeing the tools available to potential attackers, students will gain a greater appreciation for the need to keep software up-to-date and securely configured.
19. Vulnerability Scanning with OpenVAS
Students will use the free OpenVAS web tool suite to identify vulnerabilities in services available on an unknown network. The network will include several targets with known-vulnerable software versions and/or configurations.
20. Automating Security Analysis with SPARTA
Students will build on the results of labs in the Web Application Security Analysis and Network Monitoring categories by using the SPARTA network infrastructure penetration testing tool, a graphical application that automates many common vulnerability assessment tasks. Students will use SPARTA within a graphical Kali Linux environment, scanning multiple unknown target systems and exploring found weaknesses.
21. Secure Configuration of the Apache Web Server
Students will learn how to set up a web server securely by configuring the commonly used Apache HTTP Server® on a Linux system. Security options will be explored, including location/directory restrictions, permissions, authentication, and SSL configuration.
22. Secure SSL Configuration in Apache
Students will build on the basic Apache configuration exercise to configure Secure Sockets Layer (SSL) encryption for the Apa
Enquire
Start date | Location / delivery | |
---|---|---|
No fixed date | United Kingdom | Book now |
03301737071