Live Virtual Machine Lab 1.2: Module 01 Gathering Intelligence on Threat Actors and Vectors
Live Virtual Machine Lab 2.1: Module 02 Penetration Testing Techniques
Exercise 1 - Explain Penetration Testing and its Types
Task 1 - Penetration Testing
A penetration test is often called a pen-test and is conducted to uncover, exploit and understand the severity of security loopholes in applications, network devices and infrastructure components like web servers, application servers, database servers etc.
Penetration Testing
If an application is developed in an insecure manner, or the network and infrastructure components are not hardened or secured, the result is weaknesses, which can also be called loopholes or vulnerabilities. A vulnerability assessment is a technique that uncovers these loopholes in a system.
Penetration testing follows this process: Discovery, Enumeration, Vulnerability Mapping, Exploitation and Reporting.
Types of penetration testing
Blackbox testing is conducted without prior knowledge about the information system, infrastructure component or the application against which the testing is carried out. Credentials to authenticate into the systems are not shared and need to be uncovered as part of the assessment. This type of testing closely simulates a real-world attack by an external party. Blackbox testing is also called a zero-knowledge test. A common disadvantage of this type of testing is that it will probably not detect all vulnerabilities. Another disadvantage is that the testing team may inadvertently impact another system.
Whitebox testing is conducted with full knowledge of the information system, infrastructure component or application under test. For example, in the case of application white-box penetration testing, the complete details of the application, including the URL, credentials for authentication, data flow and other test information, are provided in advance for conducting the test. In extreme cases, the complete source code of the application or the complete network topology is shared with the tester to identify exploits. Whitebox testing allows the tester or the test team to target specific internal controls and features. It may yield better results but does not simulate a real-world attack.
The Domain Name System, commonly known as DNS, is often referred to as the "phone book" of the Internet. Every time we access the Internet to visit our favorite websites, shop and pay bills online, or access online portals for healthcare or banking, we depend on DNS infrastructure to securely route us to our intended destinations. While this shared infrastructure is incredibly powerful and useful, it also presents a rich attack surface for threat actors: allowing them to shut down websites and online services, replace legitimate website content with threats and extortion attempts, or even route traffic to a carbon copy of a legitimate website to steal any information entered by users intending to conduct business as usual. "Understanding DNS Attacks" provides key information you need to know to protect yourself and your organization from DNS infrastructure tampering, including common vulnerabilities, how to identify a potential attack, and guidance and best practices to mitigate the likelihood and impact of a successful DNS attack.
This webinar is accessible to non-technical learners including managers and business leaders, and offers an organizational perspective useful to technical specialists. Learning Objectives:
Date: 2021
Training Proficiency Area: Level 1 - Beginner
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
Lesson 1: Explaining the OSI and TCP/IP Models
Lesson 2: Explaining Properties of Network Traffic
Lesson 3: Installing and Configuring Switched Networks
Lesson 4: Configuring IP Networks
Lesson 5: Installing and Configuring Routed Networks
Lesson 6: Configuring and Monitoring Ports and Protocols
Lesson 7: Explaining Network Application and Storage Services
Lesson 8: Monitoring and Troubleshooting Networks
Lesson 9: Explaining Networking Attacks and Mitigations
Lesson 10: Installing and Configuring Security Devices
Lesson 11: Explaining Authentication and Access Controls
Lesson 12: Deploying and Troubleshooting Cabling Solutions
Lesson 13: Implementing and Troubleshooting Wireless Technologies
Lesson 14: Comparing and Contrasting WAN Technologies
Lesson 15: Using Remote Access Methods
Remedial Review of lessons covered.
The Security+ course is five (5) weeks long with 45 hours of live instructor-led course and hands-on instructor-led labs plus Q and A sessions. The course is led by knowledgeable instructors and includes the online course of instruction, eBook and hardcover book, instructor-led labs, as well as instructor/SME-led question and answer sessions.
Domain 1.0 Threats, Attacks and Vulnerabilities
1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
1.3 Explain threat actor types and attributes
  1.3.1 Types of actors
  1.3.2 Attributes of actors
1.4 Explain penetration testing concepts
  1.4.1 Penetration testing process
    1.4.1.1 Reconnaissance
    1.4.1.2 Initial exploitation
    1.4.1.3 Persistence
    1.4.1.4 Pivot
    1.4.1.5 Escalation of privilege
  1.4.2 Penetration testing vs. Vulnerability scanning
  1.4.3 Black box vs. Gray box vs. White box
1.5 Explain vulnerability scanning concepts
  1.5.1 Identifying
    1.5.1.1 Vulnerability / Unpatched system or application
    1.5.1.2 Lack of security controls
    1.5.1.3 Common misconfigurations
  1.5.2 Intrusive vs. non-intrusive
  1.5.3 Credentialed vs. non-credentialed
1.6 Explain the impact associated with types of vulnerabilities
  1.6.1 Configuration issues
  1.6.2 Access control
  1.6.3 Cryptography, certificate and key management
  1.6.4 Application vulnerabilities
  1.6.5 Application input handling
Domain 2.0 Technologies and Tools
2.1 Install and configure network components, both hardware and software-based, to support
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization
  2.2.1 Network scanners
  2.2.2 Protocol analyzer
  2.2.3 Wireless scanners / crackers
  2.2.4 Exploitation frameworks
  2.2.5 Passive vs Active
  2.2.6 Scanners: Vulnerability, Configuration compliance and inventory
  2.2.7 Password crackers
  2.2.8 Backup Utilities
  2.2.9 Honeypot / Honeynet
  2.2.10 Steganography
  2.2.11 Command line tools: Unix/Linux and Windows
2.3 Given a scenario, troubleshoot common security issues
  2.3.1 Personnel
  2.3.2 Asset Management / Misconfigured devices
  2.3.3 Identity, Access, Authentication, Authorization and Audit (IAAAA)
  2.3.4 Encryption
2.4 Given a scenario, analyze and interpret output from security technologies
  2.4.1 Network security technologies
  2.4.2 Host security technologies
  2.4.3 Data security technologies
2.5 Given a scenario, deploy mobile devices securely
  2.5.1 Connection methods
  2.5.2 Mobile device management concepts
  2.5.3 Enforcement and monitoring
  2.5.4 Deployment models
2.6 Given a scenario, implement secure protocols
  2.6.1 Protocols
  2.6.2 Use cases
Domain 3.0 Architecture and Design
3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides
  3.1.1 Industry-standard frameworks and reference architectures
  3.1.2 Benchmarks/secure configuration guides
  3.1.3 Defense-in-depth/layered security
3.2 Given a scenario, implement secure network architecture concepts.
  3.2.1 Zones/topologies
  3.2.2 Segregation/segmentation/isolation
  3.2.3 VPN / Tunneling
  3.2.4 Security device/technology placement
  3.2.5 Software Defined Networks (SDN)
3.3 Given a scenario, implement secure systems design
  3.3.1 Hardware/firmware security
  3.3.2 Operating System Security
  3.3.3 Peripherals
3.4 Explain the importance of secure staging deployment concepts
  3.4.1 Secure baseline
  3.4.2 Sandboxing
  3.4.3 Environment
  3.4.4 Integrity measurement
3.5 Explain the security implications of embedded systems.
  3.5.1 ICS / SCADA
  3.5.2 IoT / Smart Devices
  3.5.3 Printers / MFDs
  3.5.4 Camera systems
  3.5.5 Special purpose
3.6 Summarize secure application development and deployment concepts
  3.6.1 Development life-cycle models
  3.6.2 Secure DevOps / SecDevOps
  3.6.3 Version control and change management
  3.6.4 Provisioning and deprovisioning
  3.6.5 Secure coding techniques
  3.6.6 Code quality and testing
3.7 Summarize cloud and virtualization concepts
  3.7.1 Hypervisor
  3.7.2 Virtual Machine (VM)
  3.7.3 Cloud computing
    3.7.3.1 Deployment models
    3.7.3.2 Storage
    3.7.3.3 Access
3.8 Explain how resiliency and automation strategies reduce risk
  3.8.1 Automation/scripting
  3.8.2 Master image
  3.8.3 Non-persistence
  3.8.4 Forms and functions
3.9 Explain the importance of physical security controls
Domain 4.0 Identity and Access Management
4.1 Compare and contrast identity and access management concepts.
  4.1.1 Identification, authentication, authorization and accounting (AAA)
  4.1.2 Multifactor authentication
  4.1.3 Single Sign-On (SSO) / Federation
4.2 Given a scenario, install and configure identity and access services
4.3 Given a scenario, implement identity and access management controls
  4.3.1 Access Control Models
  4.3.2 Physical Access Control
  4.3.3 Biometrics
  4.3.4 Tokens
  4.3.5 Certificate-based authentication
  4.3.6 Authorization: file-system and database
4.4 Given a scenario, differentiate common account management practices.
  4.4.1 General concepts
  4.4.2 Account types
  4.4.3 Account policy enforcement
Domain 5.0 Risk Management
5.1 Explain the importance of policies, plans and procedures related to organizational security
  5.1.1 Standard operating procedures
  5.1.2 Agreement types
  5.1.3 Personnel management
  5.1.4 General security policies
5.2 Summarize business impact analysis concepts
5.3 Explain risk management processes and concepts
  5.3.1 Threat assessment
  5.3.2 Risk assessment
  5.3.3 Change management
5.4 Given a scenario, follow incident response procedures
  5.4.1 Incident response plan
  5.4.2 Incident response process
5.5 Summarize basic concepts of forensics
  5.5.1 Data acquisition
  5.5.2 Preservation / Order of volatility
  5.5.3 Chain of custody
  5.5.4 Legal hold
  5.5.5 Recovery
5.6 Explain disaster recovery and continuity of operations concepts
  5.6.1 Backup concepts
  5.6.2 Geographic considerations
  5.6.3 Continuity of operations planning
  5.6.4 Recovery sites
  5.6.5 Order of restoration
5.7 Compare and contrast various types of controls
  5.7.1 Administrative
  5.7.2 Technical
  5.7.3 Physical
  5.7.4 Corrective
  5.7.5 Preventive
  5.7.6 Detective
  5.7.7 Deterrent
  5.7.8 Compensating
5.8 Given a scenario, carry out data security and privacy practices
  5.8.1 Data sensitivity labeling and handling
  5.8.2 Data roles
  5.8.3 Data destruction and media sanitization
  5.8.4 Legal and compliance
Domain 6.0 Cryptography and PKI
6.1 Compare and contrast basic concepts of cryptography
  6.1.1 Symmetric algorithms
  6.1.2 Asymmetric algorithms
  6.1.3 Hashing
  6.1.4 Keys and key exchange
  6.1.5 Digital signatures
  6.1.6 Common use cases
6.2 Explain cryptography algorithms and their basic characteristics
  6.2.1 Symmetric algorithms
  6.2.2 Cipher modes
  6.2.3 Asymmetric algorithms
  6.2.4 Hashing algorithms
6.3 Given a scenario, install and configure wireless security settings
  6.3.1 Cryptographic protocols
  6.3.2 Authentication protocols
  6.3.3 Methods
6.4 Given a scenario, implement public key infrastructure
  6.4.4 Certificate formats
The Certified Ethical Hacker (CEH) credential is the most trusted ethical hacking certification and accomplishment recommended by employers globally. It is the most desired information security certification and represents one of the fastest-growing cyber credentials required by critical infrastructure and essential service providers. Since the introduction of CEH in 2003, it has been recognized as a standard within the information security community. CEH v11 continues to introduce the latest hacking techniques and the most advanced hacking tools and exploits used by hackers and information security professionals today. The Five Phases of Ethical Hacking and the original core mission of CEH remain valid and relevant today: "To beat a hacker, you need to think like a hacker."
Course Outline:
Fundamentals of Information Technology
Fundamentals and intermediate skills of Software and Hardware support
End User Awareness
Intermediate Network Concepts
Intermediate Security Concepts
Fundamentals of Information Technology
Intermediate Network Concepts
Intermediate Security Concepts
Cloud Computing
Operating System and Server and Workstation Concepts
Cyber Policy and Compliance
Critical Controls Security and Network Operations Center Concepts
Intermediate Network Concepts
Intermediate Security Concepts
Vulnerability Assessment
Fundamentals of Ethical Hacking and Penetration Testing
Intermediate Ethical Hacking and Penetration Testing
Advanced Ethical Hacking and Penetration Testing
Which type of phishing is conducted over voice?
Voice phishing. These are calls from attackers claiming to be government agencies such as the IRS, software vendors like Microsoft, or services offering to help with benefits or credit card rates. Attackers will often appear to be calling from a local number close to yours.
Which type of phishing is conducted over Voice over IP lines, where the attacker pretends to be a legitimate caller from a bank?
Vishing, sometimes called cyber vishing, is a form of phishing that uses a traditional telephone or Voice over Internet Protocol (VoIP) call, with either an actual person talking, a text, or other vishing tools.
Which method of threat hunting includes disrupt, deny, destroy and degrade actions?
Kill Chains. Kill Chains are a military concept; in the original paper, the authors create a very clever matrix relating courses of action to the DoD's IO actions: Detect, Deny, Disrupt, Degrade, Deceive, and Destroy.
Which of the following is considered the root of the Active Directory hierarchy?
Active Directory always begins with a forest root domain, which is automatically the first domain you install. This root domain becomes the foundation for additional directory components.