Subject: Cyber Security Analyst - Assignment #1 - Basics
Date: 17 January 2019 at 12:31
To: undisclosed-recipients:;
Bcc: sirgerald93@gmail.com
Hello,
If you're receiving this email it means I received a request from you for the free cybersecurity hands-on labs training course.
I am considering adding an Assignment to cover Threat Hunting - Making Threat Intelligence Actionable. Please let me know if
there is interest.
Below is the first assignment for the course. Please let me know if you have any questions.
Thanks,
Todd.
======
The goal of this course is to give participants hands-on experience so they have the skills necessary to
successfully perform one or all of the following responsibilities:
The course involves many labs and one of the primary skills needed is command line experience. Scripting
skills are a plus and are necessary to automate.
The 'Basics' assignment is designed to ensure participants have command line skills.
Students will also need access to a testing environment to perform these tasks. Links to training
environment VMs are provided.
At any time participants can ask questions, use Google, contact mentors and/or myself. The goal is to gain
skills, not pass a test.
I am in the process of setting up a HuntEvil discussion board which should allow all participants to ask
questions and share knowledge.
This is not instructor led. It is at your own pace so you have time to repeat each lab until you feel
comfortable with that skill. Again, I am available to answer any questions.
All training is online and performed on your computer systems and downloaded training environment VMs.
As soon as you are done with one assignment you can request the next one.
Please provide feedback on each assignment beyond the deliverables. I would like each assignment to
continually improve.
For those that complete all of the assignments I ask that you be willing to be available to recruit and mentor
3 other participants to the free course. Pay it forward.
NOTE: Items marked as Extra Credit are optional items for students to earn industry certifications. These
can be skipped, worked on in parallel, or worked on after the virtual internship.
SKILL: Run, understand, and be able to use common Windows command line commands daily.
NOTE: If you do not have a Windows environment available, you can download and install
DetectionLab with the link provided below.
Review and run the following commands until you feel comfortable using them.
- https://community.sophos.com/kb/en-us/13195
- https://www.ee.usyd.edu.au/tutorials_online/topics/itopics/dos-cmds.html
NOTE: the site hosting the DOS cmd tutorial was reported by one of the participants as currently offline. Please let me
know as soon as possible if there are any issues with links.
If the site above continues to have problems I will replace it with another tutorial.
For now, the information can be found here on the Wayback Machine.
https://web.archive.org/web/20170613175331/https://www.ee.usyd.edu.au/tutorials_online/topics/itopics/dos-cmds.html
DELIVERABLE: Provide a confirmation that you have reviewed the commands in the first two links and feel
comfortable on the Windows command line.
- EXTRA CREDIT - WINDOWS - Complete Microsoft Certified System Administrator (MCSA) - free
certificate - https://www.cybrary.it/course/mcsa/
- EXTRA CREDIT - WINDOWS - Complete Microsoft Enterprise Security Fundamentals Course - $99 for
certification - https://www.edx.org/course/fundamentals-of-enterprise-security
NOTE: If you do not have a Linux/Unix environment available, you can download and install
DetectionLab and/or Kali/Virtualbox with one of the links provided below.
SKILL: Run, understand, and be able to use common Linux/Unix command line commands daily.
- Review and run the commands in the Learn Linux ebook - https://www.linuxtrainingacademy.com/wp-content/uploads/2016/08/learn-linux-in-5-days.pdf
DELIVERABLE: Provide a confirmation that you have reviewed the commands in the Learn Linux in 5 days
link and feel comfortable on the Linux command line.
- EXTRA CREDIT - LINUX: Sign up and complete the Linux course - Includes free CompTIA Linux Plus
certification - https://www.cybrary.it/course/comptia-linux-plus/
KNOWLEDGE: Review and understand the basic networking terminology in the basic networking course
- http://www.steves-internet-guide.com/basic-networking-course/
DELIVERABLE: Provide a confirmation that you have reviewed the commands and terminology in the basic
networking course above and feel comfortable with setting up and configuring network settings on Windows
and Linux systems.
Splunk Experience
SKILL: Search and navigate in Splunk, use fields, get statistics from your data, create reports, dashboards,
lookups, and alerts.
Scenario-based examples and hands-on challenges will enable you to create robust searches, reports, and
charts.
- Review the video to learn how to search in Splunk (Splunk is setup and available in the DetectionLab VM
environment below): https://youtu.be/eVTTnf2wYZg
- Review the video to learn how to create alerts in Splunk: https://youtu.be/SuARLqm7_jc
NOTE: A fully functional and configured Splunk environment is included with DetectionLab with the
link provided below.
DELIVERABLE: Provide a confirmation that you have reviewed the queries and terminology in the first 2
Splunk videos and feel comfortable working with Splunk.
Kali Experience
TRAINING LAB
DELIVERABLE: Provide a confirmation that you have successfully installed Kali in your training lab.
DELIVERABLE: Provide a confirmation that you have successfully installed DVWA in your training lab.
DetectionLab Setup
NOTE: Setting this up on macOS is pretty straightforward. Some students have had challenges setting it
up on Windows systems.
DELIVERABLE: Provide a confirmation that you have successfully installed Detection Lab in your training
lab.
RESUME NOTES
Below are suggestions for skills you could add to your resume after completing all the training in
Assignment #1 including the certifications.
I’d suggest you refresh your memory prior to an interview on the ones you add to your resume so you’re
ready for any interview questions based on your resume.
Microsoft Skills: Active Directory, DNS, Group Policy, RADIUS, DHCP, VPN, Web Proxy, DFS, BitLocker,
EFS, AppLocker, Hyper-V, VirtualBox
Splunk Skills: Splunk queries, statistics, create reports, create dashboards, create lookups, create alerts
Cisco Networking Skills: VLAN, Spanning Tree, ARP, IP Routing, RIP, EIGRP, OSPF, ACLs, NAT, CHAP,
IPv4, IPv6