Systems Administration 2
Overview
Mastering Advanced Systems Administration 2 with Cyrin’s NICE Specialty Area Package
Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Manages accounts, firewalls, and patches. Responsible for access control, passwords, and account creation and administration.
This package consists of CYRIN labs focusing on the NIST National Initiative for Cybersecurity Education (NICE) Systems Administration specialty area. Completing these labs will help you learn the skills needed for a job in the area.
PREREQUISITES
Prerequisites vary by lab, but are generally: familiarity with the Unix/Linux command line and basic networking concepts (TCP/IP, DNS, etc.).
EXPECTED DURATION
14 hours, self-paced. Pause and continue at any time.
14 CPEs awarded on successful completion.
PACKAGE CONTENTS
- Using Active Directory to Manage Domain User Accounts
  Students learn to use the Windows Active Directory service to create and manage domain user accounts. They also learn to set up security policies and assign these policies to users and organizational units (OUs).
- Host IDS Setup with OSSEC
  Students learn how to configure and run the widely-used, free OSSEC Host Intrusion Detection System (HIDS). During the exercise, students will learn how to check for rootkits using OSSEC, how to verify file integrity, how to set up passive and active responses, and more. Host intrusion detection is critical to maintaining a secure system, and is required by HIPAA and PCI regulations, both of which OSSEC can help you meet.
- Log Analytics with Splunk
  In this lab the student will learn how to configure and securely run the Splunk Enterprise security information collection and analysis platform. The objective of the lab is to deploy multiple instances of Splunk data forwarders through a deployment server and analyze the logs received from the servers. The student will write custom scripts to generate logs, create both visual and textual reports, organize these reports into a single dashboard, and learn to recognize malicious activity.
- Log Analytics with Elastic Stack
  Elastic Stack is a group of services designed to take data from almost any type of source and in almost any type of format, and to search, analyze and visualize that data in real time. In this lab, Elastic Stack will be used for log analytics. Students will learn to set up and run the Elasticsearch, Logstash and Kibana components of Elastic Stack. Multiple computers in a small network will forward their logs to a central server where they will be processed by Elastic Stack. Students will use Kibana to view logs, filter them and set up dashboards. Information in the logs will be used to identify and block an ongoing attack.
- Secure SSL Configuration in Apache
  Students will build on the basic Apache configuration exercise to configure Secure Sockets Layer (SSL) encryption for the Apache HTTP Server®. Students will learn and implement best security practices and strong cryptography guarantees while avoiding vulnerabilities such as Heartbleed.
- Introduction to Jenkins CI/CD Pipelines
  In this lab students will learn to use Jenkins, a widely used automation tool, to set up a CI/CD (continuous integration/continuous delivery) pipeline. CI establishes a consistent and automated way to build, package, and test applications. CD automates the delivery of applications. A pipeline is the set of software integration, testing and deployment steps that the software being developed must go through. This lab is brought to you by the Rochester Institute of Technology Global Cybersecurity Institute.
  CI/CD is the backbone of DevOps, a set of practices and tools that increases an organization’s ability to deliver applications and services at high speed, evolving and improving products at a faster pace.
- Introduction to Docker, Docker Compose, and Docker Networking
  Docker is a lightweight virtualization technology to package applications and their dependencies in a virtual container. Docker greatly simplifies software deployment because Docker containers can run on any Linux, Windows, or macOS computer. Docker containers are isolated from one another and a single computer can run a very large number of containers. Knowledge of Docker is essential for anybody involved with modern software development practices. This lab is brought to you by the Rochester Institute of Technology-Global Cybersecurity Institute.
  In this lab students will learn basic Docker commands to pull container images from a registry, run them, change them, and push changes back to the registry. They will learn to use docker-compose to build an application consisting of multiple containers. Finally, they will learn the basics of Docker networking.
Price includes 6 months of access.