Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs

UTILITIES
Experience and mitigate live cyber attacks on a virtual network representing a power generation/transmission/distribution company! Each utility gets a dedicated virtual network that includes representative enterprise (IT) and operational (OT) networks. Attacks can include Internet-originating malware such as spear-phishing, insider threats, and supply chain compromises. Users sign in via a web browser, or coming in Spring 2020, can "bring their own tools" with a direct VPN connection to their exercise network.

Level 3 includes all Level 2 scenarios and Level 1 labs, PLUS four IT/OT attack scenarios with a new scenario each quarter!

Want to see a scenario in action? Watch our live walkthrough of Level 3!

Example Scenarios:

• Man-in-the-middle attack on the OT network due to a supply chain compromise.
• Phishing attack on the IT network that reaches the OT network.
• Application-level denial of service attack on the OT network.
• Network-level denial of service attack on the OT network.

Each scenario comes with step-by-step instructions for finding the source of the attack, or for a greater challenge, have your team figure it out on their own!

Cost for an annual subscription includes existing labs and all new labs during a 12 month period. Bulk discounts are available. Packages can be purchased by credit card or paid by invoice. Contact info@cyrintraining.com for volume discount and invoicing options.

PREREQUISITES
Familiarity with SCADA system concepts (HMI clients, PLCs, Modbus, etc.), basic networking concepts (TCP/IP, DNS, etc.), and basic network attack/defense and troubleshooting techniques.
EXPECTED DURATION
110 hours , self-paced. Pause and continue at any time.

PACKAGE CONTENTS 

• Getting Started with CYRIN
• Introductory IDS Configuration with Snort
• Intrusion Detection using Zeek (formerly Bro)
• Firewall Configuration with VyOS
• Firewall Configuration with IPtables
• Firewall Configuration with pfSense
• VPN Server Configuration with OpenVPN
• Split-Horizon DNS Configuration using BIND
• Host IDS Setup with OSSEC
• Using Active Directory to Manage Domain User Accounts
• SSH Server Configuration
• Identifying Live Machines and Services on an Unknown Network
• Service Identification I
• Service Identification II
• Log Analysis with RSYSLOG
• Log Analytics with Splunk
• Log Analytics with Elastic Stack
• Introduction to Metasploit
• Vulnerability Scanning with OpenVAS
• Automating Security Analysis with SPARTA
• Secure Configuration of the Apache Web Server
• Secure SSL Configuration in Apache
• Web Application Security Analysis using OWASP-ZAP
• Web Application Security Analysis using Nikto
• Web Application Security Analysis using Vega
• Web Application Security Analysis using Burp Suite
• Detecting and Exploiting SQL Injection Vulnerabilities
• Web Site Reconnaissance
• DoS Attacks and Defenses
• Protocol Analysis I: Wireshark Basics
• Protocol Analysis II: Extracting Data from Network Traffic
• Handling Potential Malware
• Introductory File System Forensics
• Live Forensics using GRR
• Introduction to P2P Forensics
• Introduction to Memory Analysis with Volatility
• Introduction to Memory Analysis with Rekall
• Windows Forensics Artifacts
• Advanced P2P Forensics
• eMule P2P Forensics
• Capture the Flag Scenario I
• Capture the Flag Scenario II
• Conduct a Data Leak Investigation
• Packet Capture Analysis and Manipulation
• Intrusion Analysis using Network Traffic
• Advanced Analysis of Malicious Network Traffic
• Red vs Blue
• ICS OT Man in the Middle Attack
• ICS IT/OT Phishing Attack
• ICS OT Application-Level DoS Attack
• ICS OT Network-Level DoS Attack
• Level 1: CYRIN Enterprise Instructional Labs
• Level 2: Attack/Defense/IR Exercises & Instructional Labs

COST
$5995 for 1 year of access.