This cyber security simulation training course enables the cyber-security workforce to understand the attacker's state of mind and mode of attack, to drill their practice with network management tools and, above all, to detect the attack and mitigate the consequences in advance.
Ours is a cloud-based or live, complete and flexible training platform that can be used to manage a full Cyber training life cycle, including the dynamic configuration and simulation of a virtualized replica of a real-life IT & ICS environment and management of training courses (White team – Teacher, Blue team – students), student tracking, Red-Blue exercises and self-training content.
The course is structured in sessions; each one encompasses a short theoretical introduction and a practical exercise.
2.1 SESSION 1:
Introduction to Cyber Defense (fundamental lectures)
Become aware of and understand the difference in approach and state of mind between Cyber Security and Classical Information Security
2.2 SESSION 2:
Practical Introduction to Enterprise Security Administration - Introducing and utilising the cyber security defense tools, the enterprise components comprising the Cybrave student environment, and the students' roles within the team:
The students will learn how to use the facilities, how to use cyber defense tools such as SIEM, FW, logs, Active Directory, etc., how to detect and prevent future attacks, and will develop skills such as leadership, communication and conflict resolution.
2.3 SESSION 3:
Become familiar with Attack stages and the Adversary arsenal
The students will learn and practise the different cyber attack stages, how to detect attacks using different tools, and the difference between actual attacks and false positive alerts.
2.4 SESSION 4:
The students will learn how to detect a Trojan in the network using start-up options, event log handling, traffic sniffing and information flow.
2.5 SESSION 5:
The students will learn about the various web attack techniques (SQL Injection, XSS, Parameter Manipulation) and practise an exercise of a web attack in line with a DNS attack.
2.6 SESSION 6:
Advanced multi-stage attack scenario #1
The students will practise a multi-stage attack which initiates on one client and later spreads throughout the network. The students will learn to identify the various ingredients of the attack, identify the attack pattern and mitigation activity.
2.7 SESSION 7:
Multiple attack vectors - Advanced scenario #2
The students will practise an advanced APT attack with multi-vector techniques that spread throughout the network. The student will independently contain the incident by exercising all the insights that he/she has gained during the course.
2.8 SESSION 8:
Multiple attack vectors - Advanced scenario #3
The students will practise an advanced APT attack with multi-vector techniques that spread throughout the network. The student will independently contain the incident by exercising all the insights that he/she has gained during the course.
Following each session, the instructor will review and debrief each student's actions, activities and successes. Each session will be complemented by an in-depth explanation of the full attack vector used in the scenario, providing the students with insights, explaining the "textbook solution" and giving each student their final score.
Key words covered in the course:
Stuxnet & Flame
DUQU Attributes: Malicious HTTP Activity, Registry Entries, Malicious Files, Task Scheduler, Event Log Messages
Hosts File Manipulation
Change DNS Server
Netcat Reverse Shell
Netcat – Internal Port Scan
Lateral Brute Force
Contact C&C server
Local Hash Dump
Crack local admin password
Domain Hash Dump
Socially engineered mail
Using local credentials
Create Bot Network