Top 10 Things Cybersecurity Professionals Need to Know

There has been an increase in data breaches over the recent years. With almost 143 million Americans who have had their data compromised in data breaches. These breaches include all sorts of sensitive data, including financial information, election controversies, social security, just to name a few. The role of a cybersecurity professional has become increasingly vital for the health of any small to large organization, whether in the private or public sector.

Understanding the challenges behind a cybersecurity role is fundamental to tackle the problems that may arise when dealing with a security threat first-hand. In this post, we take a look at what cybersecurity professionals should be able to do to prevent exposing their teams, projects, and wider organizations to security attacks.

Contents

Cybersecurity Training with a Real Environment Experience

Cybersecurity issues are more easily learned by doing. With the help of a team of cloud security experts, we’ve identified the most recurring security topics any cybersecurity professional should be able to handle and we’ve built practical training around them to validate your understanding of such challenges, and test your knowledge in enterprise-based scenarios, so you are in a position to prevent such attacks.

With a single click of the “Start Lab” button, each lab is configured in a secure, sandboxed environment. Hands-on Labs are completely managed by Cloud Academy. No AWS, Azure, or Google Cloud Platform account is required. They’re active within seconds and shut down securely and automatically once completed.

Network Mapping and Target Identification

The first step of any network security assessment is to run network mapping which identifies what devices are operating on the network.

The Network Mapping and Target Identification Hands-on Lab tests your knowledge on network mapping. More specifically, you will learn to use different tools in Kali Linux to map out a local network and identify targets by discovering hosts on the network. You will understand how to scan for active network devices using the ARP scanner, Nmap, and Zenmap tools. To complete this lab you should be familiar with working at the command-line in Linux.

Interpreting Security Tool Output

Interpreting reported results and analysis of data can be simplified using the right tools. The Interpreting Security Tool Output Hands-on Lab builds your knowledge on two popular security tools: Nmap and Wireshark. By the end of the lab, you will be confident in performing fast and full port scans of targets using Nmap. You will also know how to analyze network traffic with Wireshark and understand how security tools can communicate over the network. To complete this lab, you should have a basic understanding of Nmap, ARP scanner, and TCP/IP and OSI network models. You can fulfill this lab’s requirements by completing the Network Mapping and Target Identification Lab and the OSI and TCP/IP Networking Models Course.

Security Audit Techniques

Regularly auditing the ports used by your system is part of an efficient security strategy. Unexpected connections and listening ports can be indicators that the system has been exploited and require further investigation to understand the cause. Modern Linux systems use the socket statistics command audit network and other types of sockets. The Security Audit Techniques Hands-on Lab focuses on auditing the network security of Linux hosts. You’ll learn how to use socket statistics to audit a Kali Linux system. A socket is an endpoint for communication. To complete this lab, you should have a basic understanding of TCP and UDP network protocols. You can fulfill the prerequisites by completing the OSI and TCP/IP Networking Models Course.

The video below, taken from the Security Audit Techniques lab, is a live demonstration of how to audit network socket statistic with the ss protocol and gives you a taste of the Cloud Academy lab experience.

Detecting Windows Vulnerabilities

As of 2019, Microsoft’s Windows operating system is by far the most popular operating system used in the world with more than 700 million devices now running on Windows 10. With such a large installation base, Windows systems become increasingly attractive for attackers.

The Detecting Windows Vulnerabilities Hands-on Lab focuses on the vulnerabilities of a Windows host and how to prevent them. In this lab, you will also learn about Windows tools that can help identify system vulnerabilities. To complete this lab, you should have a basic knowledge of working with the Windows operating system.

Cracking Passwords in Linux

As much as we attempt to avoid being password dependent, passwords represent the most common way to authenticate users. In the Cracking Passwords in Linux Hands-on Lab, you’ll be shown some of the frequent password-based challenges. You’ll learn how to launch a password crack attack on Linux system users. You’ll also understand how to crack passwords and how to defend against such attacks. To complete this lab, you should be familiar with working at the command-line in Linux.

Exploiting Vulnerable Network File System (NFS) Share

If you are looking to share files over a network whilst having centralized management of your files, a Network File System (NFS) is the ideal convenient solution. NFS can be exposed to security threats. In the Exploiting Vulnerable Network File System (NFS) Shares Hands-on Lab, you’ll be taken through the security challenges of an insecure NFS file share. You’ll learn the different types of sensitive data attackers may target and what you can do for securing NFS shares and when to use them.

Exploiting Remote Procedure Call (RPC) Services

Remote Procedure Calls (RPCs) are a generic framework for clients to execute procedures on servers. However, RPCs can be vulnerable to prevent overflow attacks that allow attackers to inject malicious code. Furthermore, many RPCs run with high privileges giving attackers complete control over more vulnerable systems. In the Exploiting Remote Procedure Call (RPC) Services Hands-on Lab, you will learn how to scan remote systems for RPC access using Nmap. You’ll also understand the type of sensitive information attackers are more likely to target and what options you have to prevent attacks. To complete this lab, you should have a basic knowledge of the command-line in Linux.

The video below, taken from the lab, is a live demonstration of how to exploit RPC services.

Execute a Stored Cross-Site Scripting (XSS) Attack

Cross-site scripting (XXX) is a security vulnerability of web applications. With XSS, attackers can run scripts on the machines of clients of a targeted web app. This way attackers can steal credentials and sessions from clients or deliver malware. The Open Web Application Security Project (OWASP) has included XSS in its top ten list of the most critical web application security risks. In the Execute a Stored Cross-Site Scripting (XSS) Attack Hands-on Lab you will use a web application that is intentionally vulnerable to illustrate a typical attack. To complete this lab, you should be familiar with HTML and Javascript.

Execute a Reflected Cross-Site Scripting (XSS) Attack

Following from the previous lab on stored XSS attacks, the Execute a Reflected Cross-Site Scripting (XSS) Attack Hands-on Lab focuses on a reflected cross-site scripting attack. Reflected XSS, often described as non-persistent XSS, is one of the most common kinds of XSS. Reflected XSS attacks occur when a user clicks a specially-constructed link that stores a malicious script that an attacker injects. Same as the other lab, you will use a web application that is intentionally vulnerable to illustrate the attack. To complete this lab, you should be familiar with HTML and Javascript language.

Perform a SQL Injection (SQLi) Attack

Injection flaws enable attackers to transfer malicious code through an application to another system. An example of one of such systems is SQL databases. When SQL databases are targets of such attacks they are defined as SQL injections (SQLi). The Perform a SQL Injection Attack Hands-on Lab takes you through an example of an SQLi attack. By allowing user input to form part of the SQL query that is executed, you will be able to extract data you should not have access to. You will use a web application that is intentionally vulnerable to illustrate the attack. To complete this lab, it is preferable you have a basic understanding of SQL.

All these labs are designed for the CREST Practitioner Security Analyst (CPSA) certification examination. But they are beneficial for any security practitioner in general.

If you’re a cybersecurity professional, these hands-on labs will support your continuous training and guidance with real practical examples so you can be sure to keep your cloud environment secure and compliant.

Avatar

Written by

Paola Di Pietro

Paola is passionate about all things digital. Curious at heart, her motto is #neverstoplearning. She's worked in digital marketing in the UK for over 8 years and now loves contributing to the Cloud Academy blog.


Related Posts

Alisha Reyes
Alisha Reyes
— April 9, 2020

New on Cloud Academy: AWS Solutions Architect – Associate Exam Prep, Azure Courses, Google Associate Cloud Engineer Exam Prep, Programming Labs, and Much More

Free content on Cloud Academy More and more customers are relying on our technology and content to keep upskilling their people in these months, and we are doing our best to keep supporting them. While the world fights the COVID-19 pandemic, we wanted to make a small contribution to he...

Read more
  • AWS
  • Azure
  • Google Cloud Platform
  • programming
Avatar
Logan Rakai
— April 7, 2020

How to Effectively Use Azure DevOps

Azure DevOps is a suite of services that collaborate on software development following DevOps principles. The services in Azure DevOps are: Azure Repos for hosting Git repositories for source control of your code Azure Boards for planning and tracking your work using proven agil...

Read more
  • Azure
  • DevOps
Alisha Reyes
Alisha Reyes
— March 17, 2020

Cloud Academy’s Blog Digest: How Do AWS Certifications Increase Your Employability, How to Become a Microsoft Certified Azure Data Engineer, and more

With everything going on right now, it's likely that the only thing you've been reading lately is related to the coronavirus pandemic. It's important to stay informed during these times, but it's also good to jump into something that can take your mind off of the current situation for j...

Read more
  • AWS
  • Azure
  • blog digest
  • Certifications
  • Cloud Academy
  • programming
  • Security
Avatar
Cloud Academy Team
— March 13, 2020

Which Certifications Should I Get?

As we mentioned in an earlier post, the old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and compan...

Read more
  • AWS
  • Azure
  • Certifications
  • Cloud Computing
  • Google Cloud Platform
Avatar
Guy Hummel
— March 10, 2020

How to Become a Microsoft Certified Azure Data Engineer

Data engineering is one of the most sought-after skills in the job market. According to a 2019 Dice.com report, there was an 88% year-over-year growth in job postings for data engineers, which was the highest growth rate among all technology jobs. If you want to become a data enginee...

Read more
  • Azure
  • Data Engineer
  • DP-200
  • DP-201
  • Microsoft
Alisha Reyes
Alisha Reyes
— March 7, 2020

New on Cloud Academy: Intro to GitOps; AWS Courses; Java, Python, Amazon Linux 2, Ubuntu, & Docker Playgrounds; and much more

New Lab Playgrounds This month, our Content Team released six new "playground labs." Our playground labs provide a safe and secure sandbox environment for you to explore your own ideas, follow along with Cloud Academy courses, or answer your own questions — all without having to instal...

Read more
  • AWS
  • Azure
  • gitops
  • Google Cloud Platform
  • lab playground
  • programming
Alisha Reyes
Alisha Reyes
— March 6, 2020

New on Cloud Academy: Intro to GitOps; AWS Courses; Java, Python, Amazon Linux 2, Ubuntu, & Docker Playgrounds; and much more

New Lab Playgrounds This month, our Content Team released six new "playground labs." Our playground labs provide a safe and secure sandbox environment for you to explore your own ideas, follow along with Cloud Academy courses, or answer your own questions — all without having to instal...

Read more
  • AWS
  • Azure
  • gitops
  • Google Cloud Platform
  • lab playground
  • programming
Avatar
Thomas Mitchell
— February 27, 2020

5 Steps to Vulnerability Management for Containers

Organizations have begun embracing containers due to their simplicity and to the fact that they allow for a faster development and deployment velocity. Although developers are thrilled with containers because they allow them to deliver solutions more quickly, security teams are sometime...

Read more
  • AZ-500
  • AZ-500 Exam
  • Azure
  • vulnerability management
Avatar
Chandan Patra
— February 21, 2020

Elasticsearch vs. CloudSearch: AWS Cloud Search Choices

Elasticsearch vs. CloudSearch: What's the main difference? Let's compare AWS-based cloud tools: Elasticsearch vs. CloudSearch. While both services use proven technologies, Elasticsearch is more popular, open source, and has a flexible API to use for customization; in comparison, CloudS...

Read more
  • AWS
  • Azure
  • cloudsearch
  • elasticsearch
Avatar
Andrew Larkin
— February 13, 2020

Cloud Academy Content Roadmap Updates

Welcome to our Q1 2020 roadmap. This is the content we plan to build over the next three months, between February 1 - and April 30, 2020. Let's look at some of our roadmap highlights. Atlassian Bamboo for CI/CD We had a lot of requests for practical guides on how to apply DevOps tool...

Read more
  • Artificial Intelligence
  • AWS
  • Azure
  • Docker
  • Google Cloud Platform
  • Kubernetes
  • Machine Learning
Alisha Reyes
Alisha Reyes
— February 7, 2020

New on Cloud Academy: Git Labs, CKA and CKAD Lab Challenges, AWS and Azure Learning Paths, AGILE, and Much More

We just kicked off our first Free Weekend of 2020. This means we've unlocked our Training Library for just 72 hours. Until Sunday at 11:59 pm (PST), you can get unlimited access to our industry-leading learning paths, courses, certification prep exams, and our most popular hands-on labs...

Read more
  • agile
  • AWS
  • Azure
  • Google Cloud Platform
  • Linux
  • OWASP
  • programming
  • red hat
  • scrum
Alisha Reyes
Alisha Reyes
— January 31, 2020

How to Unlock Complimentary Access to Cloud Academy

Are you looking to get trained or certified on AWS, Azure, Google Cloud Platform, DevOps, Cybersecurity, Information Security, Python, Java, or another technical skill? Then you'll want to mark your calendars. Starting Friday, February 7 at 12:00 a.m. PST (3:00 a.m. EST), Cloud Acade...

Read more
  • AWS
  • Azure
  • cloud academy content
  • complimentary access
  • GCP
  • on the house