
CCNA Cybersecurity Operations Lab Manual

978-1-58713-438-8

Gross price: 227.43

Net price: 216.60

Version: Printed
Author: Cisco Networking Academy
Number of pages: 400
Publisher: Cisco Press
Binding: softcover
Publication date: 2018-04-20

CCNA Cybersecurity Operations Lab Manual


CCNA Cybersecurity Operations 1.0 covers knowledge and skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level Security Analyst working in a Security Operations Center (SOC).


Upon completion of the CCNA Cybersecurity Operations 1.0 course, students will be able to perform the following tasks:

  • Install virtual machines to create a safe environment for implementing and analyzing cybersecurity threat events.
  • Explain the role of the Cybersecurity Operations Analyst in the enterprise.
  • Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses.
  • Explain the features and characteristics of the Linux Operating System.
  • Analyze the operation of network protocols and services.
  • Explain the operation of the network infrastructure.
  • Classify the various types of network attacks.
  • Use network monitoring tools to identify attacks against network protocols and services.
  • Use various methods to prevent malicious access to computer networks, hosts, and data.
  • Explain the impacts of cryptography on network security monitoring.
  • Explain how to investigate endpoint vulnerabilities and attacks.
  • Analyze network intrusion data to verify potential exploits.
  • Apply incident response models to manage network security incidents.

Chapter 1 Cybersecurity and the Security Operations Center 1
    1.0.1.2 Class Activity—Top Hacker Shows Us How It is Done 1
        Objectives 1
        Background/Scenario 1
        Required Resources 1
    1.1.1.4 Lab—Installing the CyberOps Workstation Virtual Machine 3
        Objectives 3
        Background/Scenario 3
        Required Resources 3
        Part 1: Prepare a Host Computer for Virtualization 3
        Part 2: Import the Virtual Machine into the VirtualBox Inventory 4
        Reflection 6
    1.1.1.5 Lab—Cybersecurity Case Studies 7
        Objectives 7
        Background/Scenario 7
        Required Resources 7
    1.1.2.6 Lab—Learning the Details of Attacks 9
        Objectives 9
        Background/Scenario 9
        Required Resources 9
        Conduct a Search of IoT Application Vulnerabilities 9
    1.1.3.4 Lab—Visualizing the Black Hats 11
        Objectives 11
        Background/Scenario 11
        Required Resources 11
    1.2.2.5 Lab—Becoming a Defender 14
        Objectives 14
        Background/Scenario 14
        Required Resources 14
Chapter 2 Windows Operating System 17
    2.0.1.2 Class Activity—Identify Running Processes 17
        Objectives 17
        Background/Scenario 17
        Required Resources 17
    2.1.2.10 Lab—Exploring Processes, Threads, Handles, and Windows Registry 20
        Objectives 20
        Required Resources 20
        Part 1: Exploring Processes 20
        Part 2: Exploring Threads and Handles 23
        Part 3: Exploring Windows Registry 25
    2.2.1.10 Lab—Create User Accounts 28
        Objectives 28
        Required Resources 28
        Part 1: Creating a New Local User Account 28
        Part 2: Reviewing User Account Properties 33
        Part 3: Modifying Local User Accounts 34
        Reflection 36
    2.2.1.11 Lab—Using Windows PowerShell 37
        Objectives 37
        Background/Scenario 37
        Required Resources 37
        Reflection 42
    2.2.1.12 Lab—Windows Task Manager 43
        Objectives 43
        Background/Scenario 43
        Required Resources 43
        Part 1: Working in the Processes Tab 43
        Part 2: Working in the Services Tab 47
        Part 3: Working in the Performance Tab 48
        Reflection 51
    2.2.1.13 Lab—Monitor and Manage System Resources in Windows 52
        Objectives 52
        Recommended Equipment 52
        Part 1: Starting and Stopping the Routing and Remote Access Service 52
        Part 2: Working in the Computer Management Utility 59
        Part 3: Configuring Administrative Tools 61
Chapter 3 Linux Operating System 71
    3.1.2.6 Lab—Working with Text Files in the CLI 71
        Objectives 71
        Required Resources 71
        Part 1: Graphical Text Editors 71
        Part 2: Command Line Text Editors 72
        Part 3: Working with Configuration Files 74
        Reflection 81
    3.1.2.7 Lab—Getting Familiar with the Linux Shell 82
        Introduction 82
        Recommended Equipment 82
        Part 1: Shell Basics 82
        Part 2: Copying, Deleting, and Moving Files 87
        Reflection 89
    3.1.3.4 Lab—Linux Servers 90
        Introduction 90
        Recommended Equipment 90
        Part 1: Servers 90
        Part 2: Using Telnet to Test TCP Services 94
        Reflection 96
    3.2.1.4 Lab—Locating Log Files 97
        Introduction 97
        Required Resources 97
        Part 1: Log File Overview 97
        Part 2: Locating Log Files in Unknown Systems 99
        Part 3: Monitoring Log Files in Real Time 104
        Reflection 113
    3.2.2.4 Lab—Navigating the Linux Filesystem and Permission Settings 114
        Objectives 114
        Required Resources 114
        Part 1: Exploring Filesystems in Linux 114
        Part 2: File Permissions 117
        Part 3: Symbolic Links and other Special File Types 120
        Reflection 123
Chapter 4 Network Protocols and Services 125
    4.1.1.7 Lab—Tracing a Route 125
        Objectives 125
        Background 125
        Scenario 125
        Required Resources 126
        Part 1: Verifying Network Connectivity Using Ping 126
        Part 2: Tracing a Route to a Remote Server Using Traceroute 126
        Part 3: Trace a Route to a Remote Server Using Web-Based Traceroute Tool 127
        Reflection 128
    4.1.2.10 Lab—Introduction to Wireshark 129
        Mininet Topology 129
        Objectives 129
        Background/Scenario 129
        Required Resources 130
        Part 1: Install and Verify the Mininet Topology 130
        Part 2: Capture and Analyze ICMP Data in Wireshark 131
    4.4.2.8 Lab—Using Wireshark to Examine Ethernet Frames 136
        Mininet Topology 136
        Objectives 136
        Background/Scenario 136
        Required Resources 137
        Part 1: Examine the Header Fields in an Ethernet II Frame 137
        Part 2: Use Wireshark to Capture and Analyze Ethernet Frames 139
        Reflection 142
    4.5.2.4 Lab—Using Wireshark to Observe the TCP 3-Way Handshake 143
        Mininet Topology 143
        Objectives 143
        Background/Scenario 143
        Required Resources 143
        Part 1: Prepare the Hosts to Capture the Traffic 144
        Part 2: Analyze the Packets Using Wireshark 144
        Part 3: View the Packets Using tcpdump 147
        Reflection 148
    4.5.2.10 Lab—Exploring Nmap 149
        Topology 149
        Objectives 149
        Background/Scenario 149
        Required Resources 149
        Part 1: Exploring Nmap 149
        Part 2: Scanning for Open Ports 152
        Reflection 155
    4.6.2.7 Lab—Using Wireshark to Examine a UDP DNS Capture 156
        Topology 156
        Objectives 156
        Background/Scenario 156
        Required Resources 156
        Part 1: Record VM’s IP Configuration Information 156
        Part 2: Use Wireshark to Capture DNS Queries and Responses 157
        Part 3: Analyze Captured DNS or UDP Packets 158
        Reflection 162
    4.6.4.3 Lab—Using Wireshark to Examine TCP and UDP Captures 163
        Topology — Part 1 (FTP) 163
        Mininet Topology — Part 2 (TFTP) 163
        Objectives 164
        Background/Scenario 164
        Required Resources 164
        Part 1: Identify TCP Header Fields and Operation Using a Wireshark FTP Session Capture 164
        Part 2: Identify UDP Header Fields and Operation Using a Wireshark TFTP Session Capture 171
        Reflection 174
    4.6.6.5 Lab—Using Wireshark to Examine HTTP and HTTPS 175
        Objectives 175
        Background/Scenario 175
        Required Resources 175
        Part 1: Capture and View HTTP Traffic 175
        Part 2: Capture and View HTTPS Traffic 178
        Reflection 181
Chapter 5 Network Infrastructure 183
    5.2.2.4 Packet Tracer—Access Control List Demonstration 183
        Topology 183
        Objectives 183
        Background 183
        Part 1: Verify Local Connectivity and Test Access Control List 183
        Part 2: Remove ACL and Repeat Test 184
        Suggested Scoring Rubric 185
    5.3.1.10 Packet Tracer—Identify Packet Flow 186
        Topology 186
        Objectives 186
        Background/Scenario 186
        Required Resources 186
        Part 1: Verifying Connectivity 187
        Part 2: Remote LAN Network Topology 187
        Part 3: WAN Network Topology 188
Chapter 6 Principles of Network Security 191
    6.2.1.11 Lab—Anatomy of Malware 191
        Objectives 191
        Background/Scenario 191
        Required Resources 191
        Conduct a Search of Recent Malware 191
    6.2.2.9 Lab—Social Engineering 192
        Objectives 192
        Background/Scenario 192
        Required Resources 192
Chapter 7 Network Attacks: A Deeper Look 195
    7.0.1.2 Class Activity—What’s Going On? 195
        Objectives 195
        Background/Scenario 195
        Required Resources 195
    7.1.2.7 Packet Tracer—Logging Network Activity 198
        Topology 198
        Addressing Table 198
        Objectives 198
        Background 198
        Part 1: Create FTP Traffic 198
        Part 2: Investigate the FTP Traffic 199
        Part 3: View syslog Messages 199
        Suggested Scoring Rubric 200
    7.3.1.6 Lab—Exploring DNS Traffic 201
        Objectives 201
        Background/Scenario 201
        Required Resources 201
        Part 1: Capture DNS Traffic 201
        Part 2: Explore DNS Query Traffic 204
        Part 3: Explore DNS Response Traffic 209
        Reflection 211
    7.3.2.4 Lab—Attacking a mySQL Database 212
        Objectives 212
        Background/Scenario 212
        Required Resources 212
        Part 1: Open the PCAP File and Follow the SQL Database Attacker 212
        Reflection 225
    7.3.2.5 Lab—Reading Server Logs 226
        Objectives 226
        Background/Scenario 226
        Required Resources 226
        Part 1: Reading Log Files with Cat, More, Less, and Tail 226
        Part 2: Log Files and Syslog 230
        Part 3: Log Files and Journalctl 231
        Reflection 232
Chapter 8 Protecting the Network 233
    There are no labs in this chapter.
Chapter 9 Cryptography and the Public Key Infrastructure 235
    9.0.1.2 Class Activity—Creating Codes 235
        Objectives 235
        Background/Scenario 235
        Required Resources 235
    9.1.1.6 Lab—Encrypting and Decrypting Data Using OpenSSL 238
        Objectives 238
        Background/Scenario 238
        Required Resources 238
        Part 1: Encrypting Messages with OpenSSL 238
        Part 2: Decrypting Messages with OpenSSL 240
    9.1.1.7 Lab—Encrypting and Decrypting Data Using a Hacker Tool 241
        Objectives 241
        Background/Scenario 241
        Required Resources 241
        Part 1: Create and Encrypt Files 242
        Part 2: Recover Encrypted Zip File Passwords 243
    9.1.1.8 Lab—Examining Telnet and SSH in Wireshark 247
        Objectives 247
        Background/Scenario 247
        Required Resources 247
        Part 1: Examining a Telnet Session with Wireshark 247
        Part 2: Examine an SSH Session with Wireshark 249
        Reflection 250
    9.1.2.5 Lab—Hashing Things Out 251
        Objectives 251
        Background/Scenario 251
        Required Resources 251
        Part 1: Creating Hashes with OpenSSL 251
        Part 2: Verifying Hashes 253
    9.2.2.7 Lab—Certificate Authority Stores 254
        Objectives 254
        Background/Scenario 254
        Required Resources 254
        Part 1: Certificates Trusted by Your Browser 254
        Part 2: Checking for Man-In-Middle 258
        Part 3: Challenges (Optional) 262
        Reflection 262
Chapter 10 Endpoint Security and Analysis 263
    There are no labs in this chapter.
Chapter 11 Security Monitoring 265
    11.2.3.10 Packet Tracer—Explore a NetFlow Implementation 265
        Topology 265
        Objectives 265
        Background 265
        Part 1: Observe NetFlow Flow Records - One Direction 265
        Part 2: Observe NetFlow Records for a Session that Enters and Leaves the Collector 269
        Suggested Scoring Rubric 271
    11.2.3.11 Packet Tracer—Logging from Multiple Sources 272
        Topology 272
        Objectives 272
        Background/Scenario 272
        Part 1: View Log Entries with Syslog 272
        Part 2: Log User Access 273
        Part 3: NetFlow and Visualization 274
        Reflection 275
    11.3.1.1 Lab—Setup a Multi-VM Environment 276
        Topology 276
        Objectives 276
        Background/Scenario 276
        Required Resources 276
Chapter 12 Intrusion Data Analysis 283
    12.1.1.7 Lab—Snort and Firewall Rules 283
        Topology 283
        Objectives 283
        Background/Scenario 283
        Required Resources 284
        Part 1: Preparing the Virtual Environment 284
        Part 2: Firewall and IDS Logs 284
    12.2.1.5 Lab—Convert Data into a Universal Format 292
        Objectives 292
        Background/Scenario 292
        Required Resources 292
        Part 1: Normalize Timestamps in a Log File 292
        Part 2: Normalize Timestamps in an Apache Log File 295
        Part 3: Log File Preparation in Security Onion 297
        Part 4: Reflection 303
    12.2.2.9 Lab—Regular Expression Tutorial 304
        Objectives 304
        Background/Scenario 304
        Required Resources 304
    12.2.2.10 Lab—Extract an Executable from a PCAP 307
        Objectives 307
        Background/Scenario 307
        Required Resources 307
        Part 1: Prepare the Virtual Environment 307
        Part 2: Analyze Pre-Captured Logs and Traffic Captures 307
        Part 3: Extract Downloaded Files From PCAPS 311
    12.4.1.1 Alt Lab—Interpret HTTP and DNS Data to Isolate Threat Actor 315
        Objectives 315
        Background/Scenario 315
        Required Resources 315
        Part 1: Prepare the Virtual Environment 315
        Part 2: Investigate an SQL Injection Attack 316
        Part 3: Analyze a Data Exfiltration 323
    12.4.1.1 Lab—Interpret HTTP and DNS Data to Isolate Threat Actor 325
        Topology 325
        Objectives 325
        Background/Scenario 325
        Required Resources 326
        Part 1: Prepare the Virtual Environment 326
        Part 2: Investigate an SQL Injection Attack 327
        Part 3: Data Exfiltration Using DNS 336
    12.4.1.2 Alt Lab—Isolated Compromised Host Using 5-Tuple 342
        Objectives 342
        Background/Scenario 342
        Required Resources 342
        Part 1: Prepare the Virtual Environment 342
        Part 2: Review the Logs 343
        Reflection 351
    12.4.1.2 Lab—Isolated Compromised Host Using 5-Tuple 352
        Topology 352
        Objectives 352
        Background/Scenario 352
        Required Resources 353
        Part 1: Prepare the Virtual Environment 353
        Part 2: Reconnaissance 355
        Part 3: Exploitation 356
        Part 4: Infiltration 360
        Part 5: Review the Logs 363
        Reflection 371
Chapter 13 Incident Response and Handling 373
    13.2.2.13 Lab—Incident Handling 373
        Objectives 373
        Background/Scenario 373
        Scenario 1: Worm and Distributed Denial of Service (DDoS) Agent Infestation 373
        Scenario 2: Unauthorized Access to Payroll Records 374