Secure Network Setup Package
Provided by QA
Overview
Setting up your network securely is the first step in preventing attacks and misuse of your resources. The labs in this category help you gain experience with common network security practices, intrusion detection systems, and firewall policies. You will gain exposure to multiple tools, applying your existing knowledge while seeing how specific tools implement best practices and principles. Even if your network uses different software packages, the principles and procedures honed here will apply equally in your configuration.
This package includes all labs in the Secure Network Setup category, as well as all new labs in the category released during your subscription period. The MITRE ATT&CK Matrix is a taxonomy of adversary tactics and techniques, including detection and mitigation techniques for each. These techniques are aligned as appropriate to CYRIN exercise lab packages.
Prerequisites
Specific prerequisites vary by lab, but generally include basic knowledge of TCP/IP networking and network setup principles.
Outline
All CYRIN labs, exercises and attacks happen within a virtual environment. Each trainee or student gets their own virtual instance of a lab, exercise or attack, allowing training to be self-paced and available anywhere at any time. In order to meet specific training objectives, CYRIN subscriptions are sold on a packaged basis. That is, groups of CYRIN labs, exercises and/or attacks are recommended and bundled to meet the individual needs of the student.
CYRIN Secure Network Setup Package:
EXPECTED DURATION:
• 14 hours, self-paced. Pause and continue at any time.
• 14 CPEs awarded on successful completion.
• 6 months of access.
EXERCISE LAB CONTENTS:
1. Introductory IDS Configuration with Snort
Students will learn how to configure an Intrusion Detection System (IDS) to examine traffic to/from a firewall. The popular Snort® IDS will be used in this exercise. The exercise will include both harmless background traffic and potentially malicious traffic to be detected by Snort.
2. Intrusion Detection using Zeek (formerly Bro)
Students will learn how to deploy, configure and customize a Zeek Network Intrusion Detection System (NIDS). They will customize Zeek to generate enterprise-specific logs and to send email notifications of events of interest. They will also create a simple Zeek plugin, using the Zeek scripting language, to detect and block brute-force SSH login attempts.
3. Firewall Configuration with VyOS
Students will configure a network firewall using the VyOS router appliance, which mimics physical router hardware. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. Students will set up a partitioned network and a DMZ area to isolate specific enterprise services, such as an e-mail server. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.
4. Firewall Configuration with Iptables
Students will configure a network firewall using the standard Linux iptables module. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. More advanced techniques such as port knocking will also be introduced. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.
5. Firewall Configuration with pfSense
Students will learn to secure and configure the widely used, open-source pfSense firewall. They will learn to create firewall rules, the order in which rules are applied, how pfSense aliases can be used to simplify the pfSense rule set, and how to secure pfSense itself. They will also learn to view statistics and logs collected by pfSense.
6. VPN Server Configuration with OpenVPN
Students will learn to configure and set up an OpenVPN server. OpenVPN is an open-source virtual private network (VPN) solution. VPNs extend a private network over a public network, allowing users to send and receive data across public networks as if they were directly connected to the private network.
7. Split-Horizon DNS Configuration using BIND
Hackers shouldn't be able to explore your internal network. To make sure they do not, you need to learn about split-horizon DNS configuration. And it might help to know something about BIND, probably the most used DNS software on the internet.
NIST NICE FRAMEWORK
All of the CYRIN exercise labs are mapped to the NIST NICE Framework - Specialty Areas:
- Network Services (NET)
- Systems Architecture (ARC)
- Cyber Defence Infrastructure Support (INF)
Start date | Location / delivery |
---|---|
No fixed date | United Kingdom |
01132207150