This cyber security simulation training course enables the cyber-security workforce to understand the attacker's state of mind and mode of attack, to drill their practice with network management tools and, above all, to detect the attack and mitigate the consequences in advance.
Ours is a cloud-based or live, complete and flexible training platform that can be used to manage a full Cyber training life cycle, including the dynamic configuration and simulation of a virtualized replica of a real-life IT & ICS environment and management of training courses (White team – Teacher, Blue team – students), student tracking, Red-Blue exercises and self-training content.
The course is structured in sessions; each one encompasses a short theoretical introduction and a practical exercise.
2.1 SESSION 1:
Introduction to Cyber Defense (fundamental lectures)
Become aware of and understand the difference in approach and state of mind between Cyber Security and Classical Information Security
2.2 SESSION 2:
Practical Introduction to Enterprise Security Administration - Introducing and utilising the cyber security defense tools, the enterprise components comprising the Cybrave student environment, and the students’ roles within the team:
The students will learn how to use the facilities, how to use cyber defense tools such as SIEM, FW, logs, Active Directory (etc.), how to detect and how to prevent future attacks, and utilise development skills such as leadership, communication and conflict resolution.
2.3 SESSION 3:
Become familiar with Attack stages and the Adversary arsenal
The students will learn and practise the different cyber attack stages, how to detect attacks using different tools, and the difference between actual attacks and false positive alerts.
2.4 SESSION 4:
The students will learn how to detect a Trojan in the network using start-up options, event log handling, traffic sniffing and information flow.
2.5 SESSION 5:
The students will learn about the various web attack techniques (SQL Injection, XSS, Parameter Manipulation) and practise an exercise of a web attack in line with a DNS attack.
2.6 SESSION 6:
Advanced multi-stage attack scenario #1
The students will practise a multi-stage attack which starts on one client and later spreads throughout the network. The students will learn to identify the various ingredients of the attack, the attack pattern and the mitigation activity.
2.7 SESSION 7:
Multiple attack vectors - Advanced scenario #2
The students will practise an advanced APT attack with multi-vector techniques that spread throughout the network. The student will independently contain the incident by exercising all the insights that he/she has gained during the course.
2.8 SESSION 8:
Multiple attack vectors - Advanced scenario #3
The students will practise an advanced APT attack with multi-vector techniques that spread throughout the network. The student will independently contain the incident by exercising all the insights that he/she has gained during the course.
Following each session the instructor will review and debrief each student’s actions, activities and successes. Each session will be complemented by an in-depth explanation of the full attack vector taken in the scenario, providing the students with insights, explaining the "text book solution" and giving each student their final score.
Key words covered in the course:
Stuxnet & Flame
DUQU Attributes: Malicious HTTP Activity, Registry Entries, Malicious Files, Task Scheduler, Event Log Messages
Hosts File Manipulation
Change DNS Server
Netcat Reverse Shell
Netcat – Internal Port Scan
Lateral Brute Force
Contact C&C server
Local Hash Dump
Crack local admin password
Domain Hash Dump
Socially engineered mail
Using local credentials
Create Bot Network