There has been an increase in data breaches over the recent years. With almost 143 million Americans who have had their data compromised in data breaches. These breaches include all sorts of sensitive data, including financial information, election controversies, social security, just to name a few. The role of a cybersecurity professional has become increasingly vital for the health of any small to large organization, whether in the private or public sector.
Understanding the challenges behind a cybersecurity role is fundamental to tackle the problems that may arise when dealing with a security threat first-hand. In this post, we take a look at what cybersecurity professionals should be able to do to prevent exposing their teams, projects, and wider organizations to security attacks.
- Cybersecurity Training in a Real Environment Experience
- Network Mapping and Target Identification
- Interpreting Security Tool Output
- Security Audit Techniques
- Detecting Windows Vulnerabilities
- Cracking Passwords in Linux
- Exploiting Vulnerable Network File System (NFS) Share
- Exploiting Remote Procedure Call (RPC) Services
- Execute a Stored Cross-Site Scripting (XSS) Attack
- Execute a Reflected Cross-Site Scripting (XSS) Attack
- Perform a SQL Injection (SQLi) Attack
Cybersecurity Training with a Real Environment Experience
Cybersecurity issues are more easily learned by doing. With the help of a team of cloud security experts, we’ve identified the most recurring security topics any cybersecurity professional should be able to handle and we’ve built practical training around them to validate your understanding of such challenges, and test your knowledge in enterprise-based scenarios, so you are in a position to prevent such attacks.
With a single click of the “Start Lab” button, each lab is configured in a secure, sandboxed environment. Hands-on Labs are completely managed by Cloud Academy. No AWS, Azure, or Google Cloud Platform account is required. They’re active within seconds and shut down securely and automatically once completed.
Network Mapping and Target Identification
The first step of any network security assessment is to run network mapping which identifies what devices are operating on the network.
The Network Mapping and Target Identification Hands-on Lab tests your knowledge on network mapping. More specifically, you will learn to use different tools in Kali Linux to map out a local network and identify targets by discovering hosts on the network. You will understand how to scan for active network devices using the ARP scanner, Nmap, and Zenmap tools. To complete this lab you should be familiar with working at the command-line in Linux.
Interpreting Security Tool Output
Interpreting reported results and analysis of data can be simplified using the right tools. The Interpreting Security Tool Output Hands-on Lab builds your knowledge on two popular security tools: Nmap and Wireshark. By the end of the lab, you will be confident in performing fast and full port scans of targets using Nmap. You will also know how to analyze network traffic with Wireshark and understand how security tools can communicate over the network. To complete this lab, you should have a basic understanding of Nmap, ARP scanner, and TCP/IP and OSI network models. You can fulfill this lab’s requirements by completing the Network Mapping and Target Identification Lab and the OSI and TCP/IP Networking Models Course.
Security Audit Techniques
Regularly auditing the ports used by your system is part of an efficient security strategy. Unexpected connections and listening ports can be indicators that the system has been exploited and require further investigation to understand the cause. Modern Linux systems use the socket statistics command audit network and other types of sockets. The Security Audit Techniques Hands-on Lab focuses on auditing the network security of Linux hosts. You’ll learn how to use socket statistics to audit a Kali Linux system. A socket is an endpoint for communication. To complete this lab, you should have a basic understanding of TCP and UDP network protocols. You can fulfill the prerequisites by completing the OSI and TCP/IP Networking Models Course.
The video below, taken from the Security Audit Techniques lab, is a live demonstration of how to audit network socket statistic with the ss protocol and gives you a taste of the Cloud Academy lab experience.
Detecting Windows Vulnerabilities
As of 2019, Microsoft’s Windows operating system is by far the most popular operating system used in the world with more than 700 million devices now running on Windows 10. With such a large installation base, Windows systems become increasingly attractive for attackers.
The Detecting Windows Vulnerabilities Hands-on Lab focuses on the vulnerabilities of a Windows host and how to prevent them. In this lab, you will also learn about Windows tools that can help identify system vulnerabilities. To complete this lab, you should have a basic knowledge of working with the Windows operating system.
Cracking Passwords in Linux
As much as we attempt to avoid being password dependent, passwords represent the most common way to authenticate users. In the Cracking Passwords in Linux Hands-on Lab, you’ll be shown some of the frequent password-based challenges. You’ll learn how to launch a password crack attack on Linux system users. You’ll also understand how to crack passwords and how to defend against such attacks. To complete this lab, you should be familiar with working at the command-line in Linux.
Exploiting Vulnerable Network File System (NFS) Share
If you are looking to share files over a network whilst having centralized management of your files, a Network File System (NFS) is the ideal convenient solution. NFS can be exposed to security threats. In the Exploiting Vulnerable Network File System (NFS) Shares Hands-on Lab, you’ll be taken through the security challenges of an insecure NFS file share. You’ll learn the different types of sensitive data attackers may target and what you can do for securing NFS shares and when to use them.
Exploiting Remote Procedure Call (RPC) Services
Remote Procedure Calls (RPCs) are a generic framework for clients to execute procedures on servers. However, RPCs can be vulnerable to prevent overflow attacks that allow attackers to inject malicious code. Furthermore, many RPCs run with high privileges giving attackers complete control over more vulnerable systems. In the Exploiting Remote Procedure Call (RPC) Services Hands-on Lab, you will learn how to scan remote systems for RPC access using Nmap. You’ll also understand the type of sensitive information attackers are more likely to target and what options you have to prevent attacks. To complete this lab, you should have a basic knowledge of the command-line in Linux.
The video below, taken from the lab, is a live demonstration of how to exploit RPC services.
Execute a Stored Cross-Site Scripting (XSS) Attack
Execute a Reflected Cross-Site Scripting (XSS) Attack
Perform a SQL Injection (SQLi) Attack
Injection flaws enable attackers to transfer malicious code through an application to another system. An example of one of such systems is SQL databases. When SQL databases are targets of such attacks they are defined as SQL injections (SQLi). The Perform a SQL Injection Attack Hands-on Lab takes you through an example of an SQLi attack. By allowing user input to form part of the SQL query that is executed, you will be able to extract data you should not have access to. You will use a web application that is intentionally vulnerable to illustrate the attack. To complete this lab, it is preferable you have a basic understanding of SQL.
All these labs are designed for the CREST Practitioner Security Analyst (CPSA) certification examination. But they are beneficial for any security practitioner in general.
If you’re a cybersecurity professional, these hands-on labs will support your continuous training and guidance with real practical examples so you can be sure to keep your cloud environment secure and compliant.
New on Cloud Academy: Red Hat, Agile, OWASP Labs, Amazon SageMaker Lab, Linux Command Line Lab, SQL, Git Labs, Scrum Master, Azure Architects Lab, and Much More
Happy New Year! We hope you're ready to kick your training in overdrive in 2020 because we have a ton of new content for you. Not only do we have a bunch of new courses, hands-on labs, and lab challenges on AWS, Azure, and Google Cloud, but we also have three new courses on Red Hat, th...
Azure Security: Best Practices You Need to Know
When it comes to Azure Security best practices, where do you begin? In a lot of ways, Azure is very similar to any other data center. But with that said, Azure can also be very different. Securing Azure can pose many unique challenges. The security of resources hosted in Azure is of the...
Google Cloud Platform Certification: Preparation and Prerequisites
Google Cloud Platform (GCP) has evolved from being a niche player to a serious competitor to Amazon Web Services and Microsoft Azure. In 2019, research firm Gartner placed Google in the Leaders quadrant in its Magic Quadrant for Cloud Infrastructure as a Service for the second consecuti...
New Lab Challenges: Push Your Skills to the Next Level
Build hands-on experience using real accounts on AWS, Azure, Google Cloud Platform, and more Meaningful cloud skills require more than book knowledge. Hands-on experience is required to translate knowledge into real-world results. We see this time and time again in studies about how pe...
New on Cloud Academy: AWS Solution Architect Lab Challenge, Azure Hands-on Labs, Foundation Certificate in Cyber Security, and Much More
Now that Thanksgiving is over and the craziness of Black Friday has died down, it's now time for the busiest season of the year. Whether you're a last-minute shopper or you already have your shopping done, the holidays bring so much more excitement than any other time of year. Since our...
Understanding Enterprise Cloud Migration
What is enterprise cloud migration? Cloud migration is about moving your data, applications, and even infrastructure from your on-premises computers or infrastructure to a virtual pool of on-demand, shared resources that offer compute, storage, and network services at scale. Why d...
Kubernetes Services: AWS vs. Azure vs. Google Cloud
Kubernetes is a popular open-source container orchestration platform that allows us to deploy and manage multi-container applications at scale. Businesses are rapidly adopting this revolutionary technology to modernize their applications. Cloud service providers — such as Amazon Web Ser...
New on Cloud Academy: AZ-900 Exam Update; MS-100 Exam Prep; PRINCE2 Foundation; Azure, Kubernetes, and Google Hands-on Labs; and Much More
This month, our Content Team really kicked it into overdrive with tons of new content. If you're Team Azure, then you'll be amazed at the number of Azure Courses and Hands-on Labs we published this month alone! At any time, you can find all of our new releases by going to our Training ...
How to Get Hands-on Experience on AWS, Azure, and GCP: Lab Challenges
Meaningful cloud skills require more than book knowledge. Hands-on experience is required to translate knowledge into real-world results. We see this time and time again in studies about how kids and adults best learn — doing the actual learning task is key. Hands-on Labs and Lab Challe...
Which Certifications Should I Get?
As we mentioned in an earlier post, the old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and compan...
New on Cloud Academy: ITIL® 4, Microsoft 365 Tenant, Jenkins, TOGAF® 9.1, and more
At Cloud Academy, we're always striving to make improvements to our training platform. Based on your feedback, we released some new features to help make it easier for you to continue studying. These new features allow you to: Remove content from “Continue Studying” section Disc...
Cloud Migration Risks & Benefits
If you’re like most businesses, you already have at least one workload running in the cloud. However, that doesn’t mean that cloud migration is right for everyone. While cloud environments are generally scalable, reliable, and highly available, those won’t be the only considerations dri...