Track 2: Cyber Security Specialization – Attack/Defense Based Range Training

Cyber Security specialization tracks are specifically designed for cyber security team members pursuing knowledge and experience in using security forensics and penetration testing tools, configured within a controlled Cyber Range. Students in these courses will learn techniques to build and install tools and to launch cyber attacks in “real-time” and on “real networks.” In addition to advanced offense techniques, team members will also perform analysis or defense actions to fully understand the attack scenarios by implementing attack countermeasures and evasion capabilities.

 

SCN100 – Cloud Range Introduction to Cyber Security Concepts and Techniques

In this introduction to the field of computing and cyber security, students will be given an extensive overview of the various branches of computing security. They will learn cyber security concepts, issues, and tools that are critical in solving problems in the computing security domain.

Students will have the opportunity to learn essential techniques in building and protecting systems and network infrastructures, analyzing and monitoring potential threats and attacks, and devising and implementing security solutions for organizations large or small.

The focus of this introductory week is to provide students with a core understanding of the components that make up a mature organization and of how these fundamentals contribute to cyber security, along with the ability to demonstrate comprehensive knowledge of each of the domains.

Objectives:

  • Monitor and analyze network traffic using wired and wireless simulations

  • Perform packet capture and analysis

  • Generate attack traffic to detect security incidents

  • Implement perimeter defenses to counter attacks

  • Review the positive effects of system hardening

  • Participate in malware detection and analysis


SCN110 – Cloud Range Advanced Cyber Security Essentials

In this course, students will be guided through a series of laboratories and experiments in order to explore various mechanisms to learn penetration testing, vulnerability analysis and exploit techniques utilizing common attack frameworks and tools against wired, wireless, web and social engineering examples.

They will utilize the Cloud Range Cyber Range both in hands-on exercises and to reinforce these concepts. They will undertake a more advanced approach to recognizing attacks within internal and external systems by identifying traffic flows and irregular traffic patterns.

These advanced attack and detection techniques will be leveraged to analyze attack/defend scenarios and determine the effectiveness of particular defense deployments against attacks to test Prevent-Detect-Response strategies in a simulated environment. Multiple attack scenarios will be highlighted using the Cloud Range Cyber Range to simulate live attacks. These attack scenarios will provide the student with an in-depth understanding of defense strategies.

The conclusion of this Advanced Cyber Security Course will teach students forensics fundamentals, and students will perform advanced forensics and data analysis gathering techniques in order to secure the chain of custody following an attack.

Objectives:

  • Build a comprehensive security program focused on preventing, detecting and responding to attacks

  • Identify when attacks are happening inside networks

  • Participate in a hands-on and demonstration exercise using the Cyberbit Range (utilizing live attacks in a virtualized self-contained simulation environment)

  • Understand information assurance fundamentals such as confidentiality, integrity and availability, etc.


SCN130 – Cloud Range Advanced Digital Incident Response and Cyber Range Forensics and Threat Hunting

Digital forensics involves the investigation of computer-related crimes with the goal of obtaining evidence to be presented in a court of law.

In this course, participants will learn the principles and techniques for digital forensics investigation and the spectrum of available computer forensics tools. Participants will learn about core forensics procedures to ensure court admissibility of evidence, as well as the legal and ethical implications. Participants will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems and will learn to install and configure a variety of tools within the Cloud Range Cyber Range. Participants will also be guided through forensic procedures and review and analyze forensics reports.

Objectives:

  • Launch cyber attacks against Cyber Range Hosts

    • Investigate using Cyber Range forensic tools and scenarios

  • Perform advanced analytics to identify Advanced Persistent Threats

    • Infiltration methods

    • Pivoting techniques

  • Identify chain of custody and legal requirements for data gathering

  • Identify and apply appropriate forensics tools to acquire, preserve and analyze system images

  • Install, configure and operate forensics tools and information gathering techniques within the Cloud Range Cyber Range

  • Understand court admissibility and investigative procedures


SCN140 – Cloud Range Penetration Testing and Ethical Hacking

In this advanced, lab-based network and penetration testing course, students will utilize the Cyberbit Comprehensive Cyber Range to learn advanced pentesting methodologies that build on proper planning and scoping, reconnaissance, scanning and exploitation techniques.

Students will build their own Kali Linux and Metasploit instance and learn advanced functions, tools and concepts for attacking a “real-world” network designed with specific vulnerabilities with the Cloud Range Cyber Range. This lab-based, purpose-built environment assists students in exercising attack skills and allows for the monitoring and analysis of attacks in real-time within the range.

This course prepares students to conduct advanced penetration testing through the detection and exploitation of vulnerabilities.

Objectives:

  • Exercise advanced pentesting techniques incorporating:

    • Reconnaissance

    • Scanning

    • Exploitation

    • Post-Exploitation

  • Exercise advanced Metasploit enumeration and exploitation techniques


SCN161 – Cloud Range Mobile Device Security and Ethical Hacking

In this course, students will learn the fundamentals of mobile security to evaluate the security weaknesses of built-in and third-party applications, bypass platform encryption and manipulate apps to circumvent client-side controls. Students will leverage automated and manual mobile application analysis tools to identify deficiencies in mobile traffic, file storage and inter-app channels.

Using the knowledge learned in network penetration techniques, students will deploy a mobile-based environment within the Cloud Range Cyber Range and use hands-on exercises leveraging iOS and Android emulators.

Students will take their learned knowledge and conclude this course with numerous attack scenarios designed to test their understanding using the Cyber Range.

Objectives:

  • iOS and Android simulation

    • Analysis of communication channels

    • Traffic capture

  • Malware simulation with samples within mobile technologies