CompTIA Cybersecurity Analyst+ (CySA+)


The CompTIA Cybersecurity Analyst+ (CySA+) Practice Lab will provide you with the necessary platform to gain hands-on skills in information security. By completing the lab tasks you will improve your practical skills in configuring and using threat detection tools, data analysis, identifying vulnerabilities, identifying threats and risks, and securing and protecting applications and systems within an organization.

These same tasks will help you understand the objectives and competencies required by the CompTIA CySA+ (CS0-001) certification exam.

Prerequisites

© 2007 - 2017 I-Qubed Solutions Ltd. T/A Practice Labs Company registered in England Company No. 05939037 VAT No. 900079851

Support 9am-5pm (GMT): +44 (0) 203 588750 E-mail: [email protected]

Course Code: CS0-001

Released: Jan 2017

Duration: 25 hours

Skill Level: Intermediate


This Practice Lab focuses on the practical aspects of the CompTIA CySA+ (CS0-001) exam objectives. It is therefore advised to refer to your own course materials to gain a deeper understanding of any theoretical aspects of the exam objectives.

Additional Info

Lab Outline

The CompTIA CySA+ (CS0-001) certificate is aimed at IT security analysts, vulnerability analysts, threat intelligence analysts, or IT professionals seeking to advance into the industry.

Who is it For?

Outcomes

After completing this Practice Lab, students will be able to:

• Apply topology discovery techniques using both active and passive methods
• Perform DNS harvesting using multiple tools
• Identify social reconnaissance techniques
• Interrogate systems using Windows command line
• Scan for vulnerabilities to identify system weaknesses and threats
• Perform compliance patching upgrades
• Use hashing programs to recognize encryption
• Perform packet sniffing
• Configure servers to report monitoring information
• Use a SIEM system to evaluate and report netflow, threats and vulnerabilities
• Perform manual SQL injection tests to a web application
• Apply IPv4 and IPv6 access lists to filter traffic
• Verify and troubleshoot port security
• Implement IOS features to prevent threats from abusing vulnerabilities
• Secure the management plane on Cisco routers
• Configure and troubleshoot a VPN tunnel using GRE
• Implement an SSL VPN using Cisco ASA device manager

It is recommended that you have gained the following certification before attempting the CompTIA CySA+ (CS0-001) exam:

• Security+ (SY0-401)

No prior hands-on experience is required to use or complete this Practice Lab; however, it would be beneficial to be familiar with basic networking technologies and information security concepts.


Lab Topologies

You will also have access to the following topologies:

• PLABDC01 - 192.168.0.1/24
• PLABDM01 - 192.168.0.2/24
• PLABWIN801 - 192.168.0.5
• PLABWIN10 - 192.168.0.4
• PLABKALI01 - 192.168.0.3
• PLABDMZWEB - Local Area Connection 2 - 172.16.16.10/24
• PLABEXTCLI - Local Area Connection 2 - 148.74.32.16/24
• PLABMGMT - Local Area Connection 3 (MGMT) - 192.168.17.10/24
• Local Area Connection 2 - 192.168.16.10/24
• LDNEXRTR01
• LDNCORE01
• LDNFWASA01
• Gi0/1 – Fas0/14 VLAN 40 - 148.74.32.1/24
• Gi0/0 – Fas0/13 VLAN 30 - 213.16.48.2/28
• Fas0/0 VLAN 20
• Gi0/0 - Fas0/1 VLAN 10 - 192.168.16.1/24
• Fas0/24 VLAN 40
• Gi0/1 - Fas0/2 VLAN 20 - 172.16.16.1/24
• Gi0/3 - Fas0/4 VLAN 30 - 213.16.48.1/28
• M0/0 - 192.168.17.1/24

• PLABSA01 - 192.168.0.1
• PLABWIN10 - 192.168.0.4
• PLABKALI01 - 192.168.0.3
• PLABSA02 - 192.168.0.2

Modules and Exercises

Topology Discovery Part 1

• Introduction
• Exercise 1 - Basic Scanning
• Exercise 2 - Discovering Network Topologies
• Exercise 3 - Topology Discovery against Firewalls
• Summary

Topology Discovery Part 2

• Introduction
• Exercise 1 - OS Fingerprinting
• Exercise 2 - Output Logs
• Exercise 3 - Zenmap the Nmap GUI
• Summary

DNS Harvesting

• Introduction
• Exercise 1 - DNS Harvesting with Application Software
• Exercise 2 - DNS Harvesting Online
• Exercise 3 - ICANN Website
• Summary

Windows Command Line Tools

• Introduction
• Exercise 1 - IPconfig
• Exercise 2 - Netstat
• Exercise 3 - Ping
• Exercise 4 - Tracert and Route
• Exercise 5 - ARP and Whoami
• Summary

Vulnerability Scanner Nessus

• Introduction
• Exercise 1 - Downloading and Installing Nessus
• Exercise 2 - Configuring Nessus
• Exercise 3 - Scanning with Nessus
• Exercise 4 - Reviewing a Nessus Scan
• Exercise 5 - Saving Nessus Reports
• Summary

Vulnerability Scanner MBSA

• Introduction
• Exercise 1 - Introduction to Microsoft Baseline Security Analyzer
• Exercise 2 - Implementing Recommendations
• Exercise 3 - Saving Microsoft Security Baseline Analyzer Reports
• Exercise 4 - Reviewing Configuration Changes
• Summary


Encryption and Hashing

• Introduction
• Exercise 1 - Cryptographic Basics
• Exercise 2 - Hash Algorithms Compared
• Exercise 3 - Comparing Hash Values
• Summary

Passive Topology Discovery

• Introduction
• Exercise 1 - Packet Capture with Wireshark
• Exercise 2 - Output Logs
• Exercise 3 - Packet Analysis Part 1
• Exercise 4 - Packet Analysis Part 2
• Summary

Packet Sniffing

• Introduction
• Exercise 1 - Packet Sniffing for Passwords
• Exercise 2 - Packet Sniffing for Image Capture and Extraction
• Summary

Compliance Patching

• Introduction
• Exercise 1 - Install and Configure WSUS
• Exercise 2 - WSUS Server Certificates Security
• Exercise 3 - Create Computer Groups for WSUS
• Exercise 4 - Configure GPO Policy for WSUS
• Summary

Introduction to Syslog

• Introduction
• Exercise 1 - Syslog Forwarder
• Exercise 2 - Syslog Collector
• Exercise 3 - Syslog Analysis
• Summary

Monitoring Servers

• Introduction
• Exercise 1 - Data Collector Sets
• Exercise 2 - Configuring Alerts for Data Collector Sets
• Exercise 3 - Configure Event Subscription
• Summary


AlienVault Monitoring - SIEM and Netflow

• Introduction
• Exercise 1 - AlienVault Exploration and Configuration
• Exercise 2 - Netflow Monitoring
• Exercise 3 - Traffic Capture with AlienVault
• Exercise 4 - NMAP vs AlienVault
• Exercise 5 - AlienVault SIEM Analysis and Tickets
• Summary

AlienVault Monitoring - Threats Vulnerabilities and Reporting

• Introduction
• Exercise 1 - Adding AlienVault Users
• Exercise 2 - Vulnerability Scanning for Threats Through AlienVault
• Exercise 3 - Viewing the Threat Results
• Exercise 4 - File Reporting
• Exercise 5 - Dashboard Events and SIEM Analysis
• Summary

DVWA - Manual SQL Injection and Password Cracking

• Introduction
• Exercise 1 - DVWA Usage
• Exercise 2 - Performing an SQL Injection Attack
• Exercise 3 - Password Cracking with John
• Summary

IPv4 and IPv6 Access Lists for Traffic Filtering

• Introduction
• Exercise 1 - Configuring Standard and Extended Access Lists using IPv4
• Exercise 2 - Configuring Named Access Lists Using IPv4
• Exercise 3 - Creating Access-Lists in IPv6
• Summary

Configure Verify and Troubleshoot Port Security

• Introduction
• Exercise 1 - Static and Dynamic Port Security
• Exercise 2 - Additional Port Security Configuration Settings
• Exercise 3 - Configuring Err-disable Recovery
• Summary

Implement IOS Features to Mitigate Threats

• Introduction
• Exercise 1 - Implementing ACLs using the CLI to Mitigate Address Spoofing
• Exercise 2 - Implementing ACLs using the CLI to Mitigate Against ICMP Reconnaissance Attacks
• Exercise 3 - Using TCP Intercept to Help Prevent DoS Attacks
• Exercise 4 - Configure and Verify VACLs
• Summary

Securing the Management Plane on Cisco Routers

• Introduction
• Exercise 1 - Securing In-Band Remote Access using SSH
• Exercise 2 - Configuring Custom Privilege Levels and Views
• Exercise 3 - Cisco IOS and Key Network Services
• Summary

Configure Verify and Troubleshoot GRE Tunnel Connectivity

• Introduction
• Exercise 1 - Configuring a GRE Tunnel
• Summary

Implement SSL VPN using ASA Device Manager

• Introduction
• Exercise 1 - Implement a Clientless SSL VPN using the Cisco ASA Device Manager
• Exercise 2 - Implement AnyConnect using the Cisco ASA Device Manager
• Summary

Implement the Cisco Adaptive Security Appliance

• Introduction
• Exercise 1 - Configuring Core ASA Features
• Exercise 2 - Configuring NAT
• Exercise 3 - Configuring a Security Policy
• Exercise 4 - Modular Policy Framework
• Summary

Forensics - E-mail and Social Media Investigations

• Introduction
• Exercise 1 - Using OSForensics to Recover E-mail
• Exercise 2 - Email Examination Example
• Exercise 3 - Image Examination Example
• Exercise 4 - Facebook Forensics
• Summary


Forensics – Understanding the Digital Forensics Profession and Investigations

• Introduction
• Exercise 1 - Acquiring an Image of Evidence Media
• Exercise 2 - Analyzing Your Digital Evidence
• Exercise 3 - Analysis Example
• Exercise 4 - Report Example
• Exercise 5 - Keyword Search Example
• Summary
