Project Ares Mission - Protect Financial Institution - Operation Wounded Bear

Provided by

Enquire about this course

Overview

Missions are scenarios designed to help train and assess skill levels of learners within a realistic story that is either offensive or defensive (i.e. ransomware attack on a hospital). The network environment is more complex than a Battle Room scenario and requires the learner(s) to combine multiple skill sets to complete the learning objectives. They are played individually, or in teams to learn together. Facilitators can also choose to enable or disable hints and enter the scenario to tailor the learning experience.

Players enter an environment and are given mission orders, rules of engagement and must use their skills to compete objectives.

Mission Activity (Blue Team - Defensive)

A new virus has been detected and is spreading globally through financial institutions. The International Cyber Defence Organization (ICDO) has been deployed to all major banks to eradicate this infection. This virus has been designed to infiltrate the banking systems, take over financial applications and collect credentials from unsuspecting users. You are being sent to see if their environment has been infected.
  • Load Time Easy: - 5 min
  • Medium: - 15 min
  • Time Limit - 8 hrs
  • # of Tasks - 6
  • Hints Yes
  • Save Session - Yes
  • Team Based - Yes
Prerequisites

Learners should be familiar with basic malware analysis, containment and eradication. Also, Snort rules development within intrusion detection and prevention.

Objectives

The learner will be provided access to all workstations and must use the bank;s intrusion detection system to find the infection and create rules to prevent future infections. Once they have set up the rules, they will need to kill the malicious processes and remove it from infected machines. Obviously, the bank is still operating so they must not do anything which could impact their users negatively.

Outline

Mission Video Briefing

Enquire

Start date Location / delivery
No fixed date United Kingdom Book now
01132207150 01132207150

Related article

QA's practice director of Cyber Security, Richard Beck, rounds up the latest cyber security news.