Setting up your network securely is the first step in preventing attacks and misuse of your resources.

The labs in this category help you gain experience with common network security practices, intrusion detection systems, and firewall policies. You will work with multiple tools to apply your existing knowledge and see how specific tools implement best practices and principles. Even if your particular network uses different software packages, the principles and procedures honed here will apply equally in your configuration.

The labs in this category assume general knowledge of TCP/IP networking and network setup principles.

Questions about which lab is right for you? Contact cyrin@atcorp.com.

Students will learn how to configure an Intrusion Detection System (IDS) to examine traffic to and from a firewall. The popular Snort® IDS will be used in this exercise. The exercise will include both harmless background traffic and potentially malicious traffic to be detected by Snort.

Prerequisites

Basic networking concepts (TCP/IP, DNS, etc.) and familiarity with the Unix/Linux command line.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Availability

Included if you are a subscriber to any of the following training packages:

  • Level 1: CYRIN Enterprise Instructional Labs
  • Level 2: Attack/Defense/IR Exercises & Instructional Labs
  • Intrusion Detection and Prevention Lab Package
  • Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs
  • Secure Network Setup Package

Educational Lab

Students will learn how to deploy, configure, and customize a Zeek Network Intrusion Detection System (NIDS). They will customize Zeek to generate enterprise-specific logs and to send email notifications of events of interest. They will also create a simple Zeek plugin, using the Zeek scripting language, to detect and block brute-force SSH login attempts.

Prerequisites

Basic networking concepts (TCP/IP, DNS, etc.) and familiarity with the Unix/Linux command line.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Availability

Included if you are a subscriber to any of the following training packages:

  • Level 1: CYRIN Enterprise Instructional Labs
  • Level 2: Attack/Defense/IR Exercises & Instructional Labs
  • Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs
  • Secure Network Setup Package
  • Introduction to Cybersecurity Lab Package
  • Introduction to Network Security Lab Package
  • Intrusion Detection and Prevention Lab Package

Educational Lab

Students will configure a network firewall using the VyOS router appliance, which mimics physical router hardware. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. Students will set up a partitioned network and a DMZ area to isolate specific enterprise services, such as an e-mail server. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.

Prerequisites

Basic network routing concepts (firewalls, subnets, etc.) as well as basic networking concepts (TCP/IP, DNS, etc.).  Students must also be comfortable working in command-line environments.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Availability

Included if you are a subscriber to any of the following training packages:

  • Level 1: CYRIN Enterprise Instructional Labs
  • Level 2: Attack/Defense/IR Exercises & Instructional Labs
  • Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs
  • Secure Network Setup Package

Educational Lab

Students will configure a network firewall using the standard Linux iptables module. The exercise will include both ingress and egress filtering, stateful packet inspection, and best practices. More advanced techniques such as port knocking will also be introduced. Evaluation will include network probes from both inside and outside the firewall to ensure proper rules are configured.

Prerequisites

Basic network routing concepts (firewalls, subnets, etc.) as well as basic networking concepts (TCP/IP, DNS, etc.).  Students should also be comfortable with the Linux/Unix command line.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Availability

Included if you are a subscriber to any of the following training packages:

  • Essential Tools for Network Engineering
  • Level 1: CYRIN Enterprise Instructional Labs
  • Level 2: Attack/Defense/IR Exercises & Instructional Labs
  • Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs
  • Secure Network Setup Package

Educational Lab

Students will learn to secure and configure the widely used, open-source pfSense firewall. They will learn how to create firewall rules, the order in which rules are applied, how pfSense aliases can be used to simplify the pfSense rule set, and how to secure pfSense itself. They will also learn to view statistics and logs collected by pfSense.

Prerequisites

Basic network routing concepts (firewalls, subnets, etc.) as well as basic networking concepts (TCP/IP, DNS, etc.).  Students should also be comfortable with the Linux/Unix command line.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Availability

Included if you are a subscriber to any of the following training packages:

  • Level 1: CYRIN Enterprise Instructional Labs
  • Level 2: Attack/Defense/IR Exercises & Instructional Labs
  • Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs
  • Secure Network Setup Package
  • Introduction to Cybersecurity Lab Package
  • Introduction to Network Security Lab Package
  • Intrusion Detection and Prevention Lab Package

Educational Lab

Students will learn to configure and set up an OpenVPN server. OpenVPN is an open-source virtual private network (VPN) solution. VPNs extend a private network over a public network, allowing users to send and receive data across the public network as if they were directly connected to the private network.

Students will learn to set up a Certificate Authority to create the keys and certificates needed to (1) authenticate users (VPN clients) and the VPN server and (2) encrypt communication between the two. They will also learn how to revoke client certificates.

Prerequisites

Basic knowledge of public key infrastructures and certificates, and familiarity with the Unix/Linux command line.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Availability

Included if you are a subscriber to any of the following training packages:

  • Essential Tools for Network Engineering
  • Level 1: CYRIN Enterprise Instructional Labs
  • Level 2: Attack/Defense/IR Exercises & Instructional Labs
  • Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs
  • Secure Network Setup Package
  • Introduction to Network Security Lab Package
  • Intrusion Detection and Prevention Lab Package

Educational Lab

Hackers shouldn’t be able to explore your internal network. To make sure they cannot, you need to learn about split-horizon DNS configuration. It also helps to know something about BIND, probably the most used DNS software on the internet.

In this lab, students will configure a split-horizon DNS infrastructure that consists of two DNS servers: an External DNS server and an Internal DNS server. The External DNS server lives in the organization's DMZ network; it is used by external hosts to resolve names of servers in the DMZ. The Internal DNS server lives in the organization's internal network and is reachable only by hosts on the internal network. It resolves names of hosts on the internal network.

The lab uses BIND, the most popular DNS server in use today.

Prerequisites

Basic network routing concepts (firewalls, subnets, etc.) as well as basic networking concepts (TCP/IP, DNS, etc.).  Students should also be comfortable with the Unix/Linux command line.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Availability

Included if you are a subscriber to any of the following training packages:

  • Essential Tools for Network Engineering
  • Level 1: CYRIN Enterprise Instructional Labs
  • Level 2: Attack/Defense/IR Exercises & Instructional Labs
  • Level 3: Utility Under Attack Scenarios, Attack/Defense/IR Exercises, & Instructional Labs
  • Secure Network Setup Package
  • Introduction to Network Security Lab Package
  • Intrusion Detection and Prevention Lab Package

Educational Lab