Security Essentials Labs

This lab shows the student how to setup BitLocker on a Windows 8.1 Professional system.

In this lab, the student will respond to an incident by blocking incoming traffic on a known port from a specific IP.

Students will evaluate policies in place on a domain and apply those policies in accordance to organizational standards.

Students will create a list of installed programs, services, and accounts in a Windows 2012 server environment using various tools and methods.

Students will be required to create two documents: a Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP). Both documents deal with worst case scenarios concerning how to keep business going despite the occurrence of a natural disaster, catastrophic accident or serious man-made incident.

In this lab we will simulate the recovery phase where we must perform a backup in a server environment.

In this lab you will use Splunk Enterprise to ingest logs from a local host for analysis

This lab takes the trainee into basic concepts regarding establishing baselines of files and directories with Kali Linux and Windows 7. In the first part of the lab, the trainee will establish a baseline of the passwd file within Kali Linux, and in the second part the trainee will establish a baseline of the C:\> drive within Windows 7.

Students will identify if a vulnerability is present in the systems and remediate the vulnerability if necessary.

The Network Discovery lab is designed to help students facilitate open source collection by teaching them how to use more intimate network discovery techniques.

In this lab we will take the concept of zones and create three zones and route traffic accordingly. We will have the trusted zones ZONE - LAN which will be the internal Local Area Network. ZONE - DMZwhich will be the demilitarized zone. ZONE - WAN - which will be the Wide area network. We will set up a firewall (PFSENSE) to allow internal traffic from the LAN to the WAN. We will allow traffic WAN to DMZ and DMZ to WAN. Internal traffic WILL NOT BE ALLOWED TO ENTER THE DMZ UNLESS IT COMES through the WAN interface. This will prevent/deter hackers who if possibly compromised a DMZ asset will not be able to access the internal LAN segment. We'll also show trainees how a contractor would likely VPN into a retail network and how to appropriately restrict their access.

Students will utilize Zenmap to generate a visual network topology.

The Open Source Collection lab is designed to familiarize students with the advanced functionality of Google, default webpages used for web-servers, and the specifics of Google Hacking database. This allows the students to understand how open source information can be used for exploitation purposes.

Students will use John the Ripper and Cain and Abel to crack password protected files

This next lab walks students through identifying a security incident, as well as handling and then responding to the incident.

Students will leverage Scalnline, a windows network discovery and mapping tool, to identify the systems on a network of responsibility. Students will utilize non-traditional scans to attempt avoiding an Intrusion Detection System (IDS).

In this lab you will use Windows Event Viewer to view and filter the security event log on a Windows 7 client computer specifically for account logons.

This lab exercise is designed to allow the trainee become familiar with the use of Wireshark.