Cyber Range - Blue Team
Course Overview:
This course introduces participants to the principles of cybersecurity from a proactive defender's standpoint. The course covers the steps and processes that a blue team member would follow to strengthen the security posture of their network and to respond when faced with a real-time cyber-attack.
Duration:
Half day
Goals:
Assess the security landscape of your network using various tools. Also, develop a basic response plan to protect assets.
Target Audience:
Anyone interested in moving into the cyber security industry, and cyber security professionals looking to sharpen their skills.
Prerequisites:
- Basic knowledge of networking concepts
- Basic knowledge of Linux/Windows systems
Session Overview:
- Introduction to Linux/Windows based operating systems and basic networking concepts
- Using the AlienVault SIEM tool
- Discover assets/machines across your network
- Vulnerability & Risk Assessment
- Intrusion Detection
- Response and Containment
- Scanning for malicious software
- Analysing the malicious software
Course Overview:
This course introduces participants to the various forms of denial of service, how to inspect those attacks at the lowest layer to find where the attacker(s) may have originated from and how to implement real-world solutions that can reduce the risk of damage in the future.
Duration:
Half day
Goals:
Inspect different forms of Denial of Service attacks. Develop and implement techniques to mitigate the damage. Implement a simple Intrusion Prevention System (IPS) to automate response.
Target Audience:
Anyone interested in moving into the cyber security industry, and cyber security professionals looking to sharpen their skills.
Prerequisites:
- Basic knowledge of networking concepts
- Basic knowledge of Linux/Windows systems
Session Overview:
- Introduction to Linux/Windows based operating systems and basic networking concepts
- Packet analysis using Wireshark
  - Basic Introduction
  - Inspect a TCP-SYN Flood attack
  - Inspect a spoofed ICMP flood attack
- DoS/DDoS mitigations
  - SYN Cookies
  - ICMP Block
  - Packet Filtering
- Implement an IDS/IPS system using Snort
- Intrusion response and prevention