Post on 11-Mar-2020
The CompTIA Cybersecurity Analyst+ (CySA+) Practice Lab will provide you with the necessary platform to gain hands-on skills in information security. By completing the lab tasks you will improve your practical skills in configuring and using threat detection tools, data analysis, identifying vulnerabilities, identifying threats and risks, and securing and protecting applications and systems within an organization.
These same tasks will help you understand the objectives and competencies required by the CompTIA CySA+ (CS0-001) certification exam.
Prerequisites
© 2007 - 2017 I-Qubed Solutions Ltd. T/A Practice Labs Company registered in England Company No. 05939037 VAT No. 900079851
Support 9am-5pm (GMT): +44 (0) 203 588750 E-mail: sales@practice-labs.com
Course Code: CS0-001
Released: Jan 2017
Duration: 25 hours
Skill Level: Intermediate
CompTIA Cybersecurity Analyst+ (CySA+)
This Practice Lab focuses on the practical aspects of the CompTIA CySA+ (CS0-001) exam objectives. It is therefore advised to refer to your own course materials to gain a deeper understanding of any theoretical aspects of the exam objectives.
Additional Info
Lab Outline
Who is it For?
The CompTIA CySA+ (CS0-001) certificate is aimed at IT security analysts, vulnerability analysts, threat intelligence analysts, or IT professionals seeking to advance into the industry.
Outcomes
After completing this Practice Lab, students will be able to:
• Apply topology discovery techniques using both active and passive methods
• Perform DNS harvesting using multiple tools
• Identify social reconnaissance techniques
• Interrogate systems using Windows command line
• Scan for vulnerabilities to identify system weaknesses and threats
• Perform compliance patching upgrades
• Use hashing programs to recognize encryption
• Perform packet sniffing
• Configure servers to report monitoring information
• Use a SIEM system to evaluate and report netflow, threats and vulnerabilities
• Perform manual SQL injection tests against a web application
• Apply IPv4 and IPv6 access lists to filter traffic
• Verify and troubleshoot port security
• Implement IOS features to prevent threats from abusing vulnerabilities
• Secure the management plane on Cisco routers
• Configure and troubleshoot a VPN tunnel using GRE
• Implement an SSL VPN using Cisco ASA device manager

It is recommended that you have gained the following certification before attempting the CompTIA CySA+ (CS0-001) exam:
• Security+ (SY0-401)
No prior hands-on experience is required to use or complete this Practice Lab; however, it would be beneficial to be familiar with basic networking technologies and information security concepts.
Lab Topologies
You will also have access to the following topologies:
PLABDC01 192.168.0.1/24
PLABDM01 192.168.0.2/24
PLABWIN801 192.168.0.5
PLABWIN10 192.168.0.4
PLABKALI01 192.168.0.3
PLABDMZWEB Local Area Connection 2 - 172.16.16.10/24
PLABEXTCLI Local Area Connection 2 - 148.74.32.16/24
PLABMGMT Local Area Connection 3 (MGMT) - 192.168.17.10/24
Local Area Connection 2 - 192.168.16.10/24
LDNEXRTR01
LDNCORE01
LDNFWASA01
Gi0/1 – Fas0/14 VLAN 40 - 148.74.32.1/24
Gi0/0 – Fas0/13 VLAN 30 - 213.16.48.2/28
Fas0/0 VLAN 20
Gi0/0 - Fas0/1 VLAN 10 - 192.168.16.1/24
Fas0/24 VLAN 40
Gi0/1 - Fas0/2 VLAN 20 - 172.16.16.1/24
Gi0/3 - Fas0/4 VLAN 30 - 213.16.48.1/28
M0/0 - 192.168.17.1/24
PLABSA01 192.168.0.1
PLABWIN10 192.168.0.4
PLABKALI01 192.168.0.3
PLABSA02 192.168.0.2
Modules and Exercises

Topology Discovery Part 1
• Introduction
• Exercise 1 - Basic Scanning
• Exercise 2 - Discovering Network Topologies
• Exercise 3 - Topology Discovery against Firewalls
• Summary

Topology Discovery Part 2
• Introduction
• Exercise 1 - OS Fingerprinting
• Exercise 2 - Output Logs
• Exercise 3 - Zenmap the Nmap GUI
• Summary

DNS Harvesting
• Introduction
• Exercise 1 - DNS Harvesting with Application Software
• Exercise 2 - DNS Harvesting Online
• Exercise 3 - ICANN Website
• Summary

Windows Command Line Tools
• Introduction
• Exercise 1 - IPconfig
• Exercise 2 - Netstat
• Exercise 3 - Ping
• Exercise 4 - Tracert and Route
• Exercise 5 - ARP and Whoami
• Summary

Vulnerability Scanner Nessus
• Introduction
• Exercise 1 - Downloading and Installing Nessus
• Exercise 2 - Configuring Nessus
• Exercise 3 - Scanning with Nessus
• Exercise 4 - Reviewing a Nessus Scan
• Exercise 5 - Saving Nessus Reports
• Summary

Vulnerability Scanner MBSA
• Introduction
• Exercise 1 - Introduction to Microsoft Baseline Security Analyser
• Exercise 2 - Implementing Recommendations
• Exercise 3 - Saving Microsoft Security Baseline Analyzer Reports
• Exercise 4 - Reviewing Configuration Changes
• Summary

Encryption and Hashing
• Introduction
• Exercise 1 - Cryptographic Basics
• Exercise 2 - Hash Algorithms Compared
• Exercise 3 - Comparing Hash Values
• Summary

Passive Topology Discovery
• Introduction
• Exercise 1 - Packet Capture with Wireshark
• Exercise 2 - Output Logs
• Exercise 3 - Packet Analysis Part 1
• Exercise 4 - Packet Analysis Part 2
• Summary

Packet Sniffing
• Introduction
• Exercise 1 - Packet Sniffing for Passwords
• Exercise 2 - Packet Sniffing for Image Capture and Extraction
• Summary

Compliance Patching
• Introduction
• Exercise 1 - Install and Configure WSUS
• Exercise 2 - WSUS Server Certificates Security
• Exercise 3 - Create Computer Groups for WSUS
• Exercise 4 - Configure GPO Policy for WSUS
• Summary

Introduction to Syslog
• Introduction
• Exercise 1 - Syslog Forwarder
• Exercise 2 - Syslog Collector
• Exercise 3 - Syslog Analysis
• Summary

Monitoring Servers
• Introduction
• Exercise 1 - Data Collector Sets
• Exercise 2 - Configuring Alerts for Data Collector Sets
• Exercise 3 - Configure Event Subscription
• Summary

Alienvault Monitoring - SIEM and Netflow
• Introduction
• Exercise 1 - AlienVault Exploration and Configuration
• Exercise 2 - Netflow Monitoring
• Exercise 3 - Traffic Capture with AlienVault
• Exercise 4 - NMAP vs AlienVault
• Exercise 5 - AlienVault SIEM Analysis and Tickets
• Summary

Alienvault Monitoring - Threats Vulnerabilities and Reporting
• Introduction
• Exercise 1 - Adding AlienVault Users
• Exercise 2 - Vulnerability Scanning for Threats Through AlienVault
• Exercise 3 - Viewing the Threat Results
• Exercise 4 - File Reporting
• Exercise 5 - Dashboard Events and SIEM Analysis
• Summary

DVWA - Manual SQL Injection and Password Cracking
• Introduction
• Exercise 1 - DVWA Usage
• Exercise 2 - Performing an SQL Injection Attack
• Exercise 3 - Password Cracking with John
• Summary

IPv4 and IPv6 Access Lists for Traffic Filtering
• Introduction
• Exercise 1 - Configuring Standard and Extended Access Lists using IPv4
• Exercise 2 - Configuring Named Access Lists Using IPv4
• Exercise 3 - Creating Access-Lists in IPv6
• Summary

Configure Verify and Troubleshoot Port Security
• Introduction
• Exercise 1 - Static and Dynamic Port Security
• Exercise 2 - Additional Port Security Configuration Settings
• Exercise 3 - Configuring Err-disable Recovery
• Summary

Implement IOS Features to Mitigate Threats
• Introduction
• Exercise 1 - Implementing ACLs using the CLI to Mitigate Address Spoofing
• Exercise 2 - Implementing ACLs using the CLI to Mitigate Against ICMP Reconnaissance Attacks
• Exercise 3 - Using TCP Intercept to Help Prevent DOS Attacks
• Exercise 4 - Configure and Verify VACLs
• Summary

Securing the Management Plane on Cisco Routers
• Introduction
• Exercise 1 - Securing In-Band Remote Access using SSH
• Exercise 2 - Configuring Custom Privilege Levels and Views
• Exercise 3 - Cisco IOS and Key Network Services
• Summary

Configure Verify and Troubleshoot GRE Tunnel Connectivity
• Introduction
• Exercise 1 - Configuring a GRE Tunnel
• Summary

Implement SSL VPN using ASA Device Manager
• Introduction
• Exercise 1 - Implement a Clientless SSL VPN using the Cisco ASA Device Manager
• Exercise 2 - Implement AnyConnect using the Cisco ASA Device Manager
• Summary

Implement the Cisco Adaptive Security Appliance
• Introduction
• Exercise 1 - Configuring Core ASA Features
• Exercise 2 - Configuring NAT
• Exercise 3 - Configuring a Security Policy
• Exercise 4 - Modular Policy Framework
• Summary

Forensics - E-mail and Social Media Investigations
• Introduction
• Exercise 1 - Using OSForensics to Recover E-mail
• Exercise 2 - Email Examination Example
• Exercise 3 - Image Examination Example
• Exercise 4 - FaceBook Forensics
• Summary

Forensics – Understanding the Digital Forensics Profession and Investigations
• Introduction
• Exercise 1 - Acquiring an Image of Evidence Media
• Exercise 2 - Analyzing Your Digital Evidence
• Exercise 3 - Analysis Example
• Exercise 4 - Report Example
• Exercise 5 - Keyword Search Example
• Summary