Vulnerability Assessment and Management
Mastering Advanced Vulnerability Assessment and Management with Cyrin’s NICE Specialty Area Package Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in …
Overview
Mastering Advanced Vulnerability Assessment and Management with Cyrin’s NICE Specialty Area Package
Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations.
This package consists of CYRIN labs focusing on the NIST National Initiative for Cybersecurity Education (NICE) Vulnerability Assessment and Management specialty area. Completing these labs will help you learn the skills needed for a job in the area.
PREREQUISITES
Prerequisites vary by lab, but are generally: familiarity with the Unix/Linux command line and basic networking concepts (TCP/IP, DNS, etc.).
EXPECTED DURATION
19.0 hours, self-paced. Pause and continue at any time.
19.0 CPEs awarded on successful completion.
PACKAGE CONTENTS
-
Identifying Live Machines and Services on an Unknown Network
Students will use tools such as nmap, unicornscan, and fping to identify systems on a local network, including both Unix and Windows targets. Students will identify the operating systems these systems are running, as well as the types of network services they are providing.
-
Service Identification I
Students will use multiple tools to identify services, including software package and version information, running on unknown systems. Network services to be targeted will include those running on non-standard ports or behind firewall rules.
-
Service Identification II
Students will build on the Service Identification I exercise to use service-specific information-gathering tools. Students will gather vendor, software, and version information, as well as any configuration information available remotely. Students will then use scripting tools to automate this process.
-
Introduction to Metasploit
Students will gain experience with the widely-used open source Metasploit® framework and related tools for exploiting vulnerable software and insecure system configurations. The exercise leads students through the entire process, from scanning the network to getting remote shells and accessing sensitive information. By seeing the tools available to potential attackers, students will gain a greater appreciation for the need to keep software up-to-date and securely configured.
-
Vulnerability Scanning with OpenVAS
Students will use the free OpenVAS web tool suite to identify vulnerabilities in services available on an unknown network. The network will include several targets with known-vulnerable software versions and/or configurations.
-
Automating Security Analysis with SPARTA
Students will build on the results of labs in the Web Application Security Analysis and Network Monitoring categories by using the SPARTA network infrastructure penetration testing tool, a graphical application that automates many common vulnerability assessment tasks. Students will use SPARTA within a graphical Kali Linux environment, scanning multiple unknown target systems and exploring found weaknesses.
-
Web Application Security Analysis using OWASP-ZAP
Students will use the OWASP program’s ZAP tool suite from within Kali Linux to scan multiple web services and document vulnerabilities. Students will see ZAP in action on a vulnerable web site where entire database tables are available to potential attackers.
-
Web Application Security Analysis using Burp Suite
Burp Suite is an industry standard suite of tools used by information security professionals for testing Web application security. Its tools work together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.
Students learn to use Burp tools to find security vulnerabilities in a web application. They will discover the application is vulnerable to cross-site scripting (XSS) attacks and will learn how to exploit the vulnerability to steal user credentials.
-
Detecting and Exploiting SQL Injection Vulnerabilities
Students will learn how to detect and exploit SQL injection vulnerabilities. By using several SQL injections techniques students will gather information about a remote database such as server operating system, database type, table names, and most importantly, table content. Students will then use sqlmap, a tool for SQL injection, to automate this process.
-
Web Site Reconnaissance
Web site reconnaissance is about gathering information about a web site. Of course, there is information published on the website that is intended for people to see. Then there is information such as the name and version of the software used in the website and information about databases used by web applications on the site. This is information the website owner may not want known but can be discovered using techniques covered by CYRIN labs in the Network Monitoring and Recon and Web Application Security Analysis categories.
In this lab students will learn to find additional information from documents on the website. These documents have associated with them document metadata, which is information attached to a file that isn’t visible when the document is viewed. For example, metadata associated with a Microsoft Word document includes its creation time and the name of the person who created it. This is very likely information not intended to be publicly available.
Price included 6 months of access.