Top 10 Things Cybersecurity Professionals Need to Know

Data breaches have increased in recent years, with almost 143 million Americans having had their data compromised. These breaches involve all sorts of sensitive data, including financial information, election controversies, and social security, just to name a few. The role of a cybersecurity professional has become increasingly vital for the health of any organization, small or large, whether in the private or public sector.

Understanding the challenges behind a cybersecurity role is fundamental to tackling the problems that may arise when dealing with a security threat first-hand. In this post, we take a look at what cybersecurity professionals should be able to do to prevent exposing their teams, projects, and wider organizations to security attacks.

Cybersecurity Training with a Real Environment Experience

Cybersecurity issues are more easily learned by doing. With the help of a team of cloud security experts, we’ve identified the most recurring security topics any cybersecurity professional should be able to handle. We’ve built practical training around them to validate your understanding of these challenges and test your knowledge in enterprise-based scenarios, so you are in a position to prevent such attacks.

With a single click of the “Start Lab” button, each lab is configured in a secure, sandboxed environment. Hands-on Labs are completely managed by Cloud Academy. No AWS, Azure, or Google Cloud Platform account is required. They’re active within seconds and shut down securely and automatically once completed.

Network Mapping and Target Identification

The first step of any network security assessment is to run network mapping, which identifies what devices are operating on the network.

The Network Mapping and Target Identification Hands-on Lab tests your knowledge on network mapping. More specifically, you will learn to use different tools in Kali Linux to map out a local network and identify targets by discovering hosts on the network. You will understand how to scan for active network devices using the ARP scanner, Nmap, and Zenmap tools. To complete this lab you should be familiar with working at the command-line in Linux.

Interpreting Security Tool Output

Interpreting reported results and analysis of data can be simplified using the right tools. The Interpreting Security Tool Output Hands-on Lab builds your knowledge on two popular security tools: Nmap and Wireshark. By the end of the lab, you will be confident in performing fast and full port scans of targets using Nmap. You will also know how to analyze network traffic with Wireshark and understand how security tools can communicate over the network. To complete this lab, you should have a basic understanding of Nmap, ARP scanner, and TCP/IP and OSI network models. You can fulfill this lab’s requirements by completing the Network Mapping and Target Identification Lab and the OSI and TCP/IP Networking Models Course.

Security Audit Techniques

Regularly auditing the ports used by your system is part of an efficient security strategy. Unexpected connections and listening ports can be indicators that the system has been exploited and require further investigation to understand the cause. A socket is an endpoint for communication, and modern Linux systems use the socket statistics (ss) command to audit network and other types of sockets. The Security Audit Techniques Hands-on Lab focuses on auditing the network security of Linux hosts. You’ll learn how to use socket statistics to audit a Kali Linux system. To complete this lab, you should have a basic understanding of TCP and UDP network protocols. You can fulfill the prerequisites by completing the OSI and TCP/IP Networking Models Course.
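As an added example (not part of the original post or the lab), the listening-port audit described above can be automated by comparing `ss -tuln` output against a baseline. The sample output, the `EXPECTED` baseline and the choice to ignore loopback-only sockets are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample of `ss -tuln` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*
tcp   LISTEN 0      5      0.0.0.0:4444       0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
"""

# Assumed baseline: (protocol, port) pairs this host is expected to expose.
EXPECTED = {("tcp", 22), ("udp", 68)}

def parse_listeners(ss_output):
    """Yield (proto, address, port) for each listening or unconnected socket."""
    for line in ss_output.splitlines()[1:]:       # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[1] not in ("LISTEN", "UNCONN"):
            continue
        addr, _, port = fields[4].rpartition(":")  # split on the last colon (IPv6-safe)
        addr = addr.strip("[]").split("%")[0]      # drop IPv6 brackets and %interface
        if addr == "*":                            # ss prints a dual-stack wildcard as *
            addr = "::"
        yield fields[0], addr, int(port)           # -n guarantees a numeric port

def unexpected_listeners(ss_output, expected=EXPECTED):
    """Return network-reachable sockets that are not in the baseline."""
    findings = []
    for proto, addr, port in parse_listeners(ss_output):
        if ipaddress.ip_address(addr).is_loopback:
            continue                               # assumption: loopback-only is out of scope
        if (proto, port) not in expected:
            findings.append((proto, addr, port))
    return findings

if __name__ == "__main__":
    for finding in unexpected_listeners(SAMPLE_SS_OUTPUT):
        print("investigate:", finding)
```

On a live host, feed the function the output of `ss -tuln`, and add `-p` when investigating a finding to see the owning process.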

The video below, taken from the Security Audit Techniques lab, is a live demonstration of how to audit network socket statistics with the ss command and gives you a taste of the Cloud Academy lab experience.

Detecting Windows Vulnerabilities

As of 2019, Microsoft’s Windows operating system is by far the most popular operating system used in the world with more than 700 million devices now running on Windows 10. With such a large installation base, Windows systems become increasingly attractive for attackers.

The Detecting Windows Vulnerabilities Hands-on Lab focuses on the vulnerabilities of a Windows host and how to prevent them. In this lab, you will also learn about Windows tools that can help identify system vulnerabilities. To complete this lab, you should have a basic knowledge of working with the Windows operating system.

Cracking Passwords in Linux

As much as we attempt to avoid being password dependent, passwords represent the most common way to authenticate users. In the Cracking Passwords in Linux Hands-on Lab, you’ll be shown some of the frequent password-based challenges. You’ll learn how to launch a password-cracking attack on Linux system users. You’ll also understand how to crack passwords and how to defend against such attacks. To complete this lab, you should be familiar with working at the command-line in Linux.

Exploiting Vulnerable Network File System (NFS) Share

If you are looking to share files over a network whilst having centralized management of your files, a Network File System (NFS) is a convenient solution. However, NFS can be exposed to security threats. In the Exploiting Vulnerable Network File System (NFS) Shares Hands-on Lab, you’ll be taken through the security challenges of an insecure NFS file share. You’ll learn the different types of sensitive data attackers may target, how to secure NFS shares, and when to use them.

Exploiting Remote Procedure Call (RPC) Services

Remote Procedure Calls (RPCs) are a generic framework for clients to execute procedures on servers. However, RPCs can be vulnerable to overflow attacks that allow attackers to inject malicious code. Furthermore, many RPCs run with high privileges, giving attackers complete control over vulnerable systems. In the Exploiting Remote Procedure Call (RPC) Services Hands-on Lab, you will learn how to scan remote systems for RPC access using Nmap. You’ll also understand the type of sensitive information attackers are more likely to target and what options you have to prevent attacks. To complete this lab, you should have a basic knowledge of the command-line in Linux.

The video below, taken from the lab, is a live demonstration of how to exploit RPC services.

Execute a Stored Cross-Site Scripting (XSS) Attack

Cross-site scripting (XSS) is a security vulnerability of web applications. With XSS, attackers can run scripts on the machines of clients of a targeted web app. This way attackers can steal credentials and sessions from clients or deliver malware. The Open Web Application Security Project (OWASP) has included XSS in its top ten list of the most critical web application security risks. In the Execute a Stored Cross-Site Scripting (XSS) Attack Hands-on Lab, you will use a web application that is intentionally vulnerable to illustrate a typical attack. To complete this lab, you should be familiar with HTML and JavaScript.

Execute a Reflected Cross-Site Scripting (XSS) Attack

Following on from the previous lab on stored XSS attacks, the Execute a Reflected Cross-Site Scripting (XSS) Attack Hands-on Lab focuses on a reflected cross-site scripting attack. Reflected XSS, often described as non-persistent XSS, is one of the most common kinds of XSS. Reflected XSS attacks occur when a user clicks a specially constructed link that carries a malicious script injected by an attacker. As in the previous lab, you will use a web application that is intentionally vulnerable to illustrate the attack. To complete this lab, you should be familiar with HTML and JavaScript.

Perform a SQL Injection (SQLi) Attack

Injection flaws enable attackers to transfer malicious code through an application to another system. SQL databases are one example of such a system, and attacks that target them are called SQL injections (SQLi). The Perform a SQL Injection Attack Hands-on Lab takes you through an example of an SQLi attack. By allowing user input to form part of the SQL query that is executed, you will be able to extract data you should not have access to. You will use a web application that is intentionally vulnerable to illustrate the attack. To complete this lab, it is preferable that you have a basic understanding of SQL.
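The following added example (not taken from the lab or the original post) shows the flaw described above, user input forming part of the SQL text, next to the parameterized form that fixes it, plus a check that flags inputs for which the two disagree. The `notes` table, the function names and the sample inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (owner TEXT, body TEXT)")
    db.executemany("INSERT INTO notes VALUES (?, ?)",
                   [("alice", "alice's note"), ("bob", "bob's note")])
    return db

def notes_concatenated(db, owner):
    # Vulnerable pattern: the input is pasted into the SQL text, so quote
    # characters in it are parsed as SQL syntax rather than as data.
    sql = "SELECT body FROM notes WHERE owner = '" + owner + "'"
    return sorted(row[0] for row in db.execute(sql))

def notes_parameterized(db, owner):
    # Hardened pattern: the query text is fixed and the value is bound
    # separately, so it can only ever be compared as a string.
    sql = "SELECT body FROM notes WHERE owner = ?"
    return sorted(row[0] for row in db.execute(sql, (owner,)))

def divergent_inputs(db, inputs):
    """Return inputs for which the two styles disagree, i.e. inputs that
    changed the structure of the concatenated query."""
    flagged = []
    for value in inputs:
        try:
            unsafe = notes_concatenated(db, value)
        except sqlite3.Error:
            unsafe = None          # the input broke the SQL syntax outright
        if unsafe != notes_parameterized(db, value):
            flagged.append(value)
    return flagged

# Constructed inputs: a normal value, a legitimate name containing a quote,
# and a value whose quotes rewrite the WHERE clause.
SAMPLE_INPUTS = ["alice", "o'brien", "nobody' OR '1'='1"]

if __name__ == "__main__":
    print(divergent_inputs(make_db(), SAMPLE_INPUTS))
```

A check like `divergent_inputs` works as a regression test: once every query is parameterized, no input should be able to change what the query means.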

All these labs are designed for the CREST Practitioner Security Analyst (CPSA) certification examination, but they are beneficial for any security practitioner in general.

If you’re a cybersecurity professional, these hands-on labs will support your continuous training and guidance with real practical examples so you can be sure to keep your cloud environment secure and compliant.

Cloud Academy