Introduction to virtual labs
For anyone looking to develop their technical skills, there are a variety of methods available:
- Training courses
- Conferences and webinars
- Technical books, manuals, or other publications
- Technical websites, blogs, and forums
- Studying to achieve certification
- Projects that require new skills
- Hands-on practice in a lab
All of these are useful, but due to the practical nature of cyber-security, there has been a marked growth over the last few years in the use of online virtual labs for training. This is not only because cyber-security practitioners need to be able to try the new skills for themselves, but also because learning-by-doing or "Experiential Learning" has been repeatedly shown to increase the length of time that new knowledge is retained, even more so when combined with more traditional forms of instruction. [See References [1] [2] [3] [4] below for a selection of relevant studies]
Experiential learning
"For the things we have to learn before we can do them, we learn by doing them." - Aristotle, The Nicomachean Ethics.
Experiential Learning was popularized by Psychologist David Kolb in his book "Experiential Learning: experience as the source of learning and development" [5]. In it, he explained the principle of how people learn better through discovery and experience.
"Kolb states that to gain genuine knowledge from experience, the learner must have four abilities:
- The learner must be willing to be actively involved in the experience;
- The learner must be able to reflect on the experience;
- The learner must possess and use analytical skills to conceptualize the experience; and
- The learner must possess decision making and problem-solving skills in order to use the new ideas gained from the experience."
https://en.wikipedia.org/wiki/Experiential_learning [6]
A relevant paper that discusses the benefits of Experiential Learning is "Hands-On Crypto: Experiential Learning in Cryptography" [7]. In this paper, it states that:
"Experiential learning has been shown to be one of the best methods for learning, especially when combined with other forms of instruction."
It goes on to explain Kolb's four modes of learning, which are:
- Abstract Conceptualization (AC), where the focus is on using logic, ideas, and concepts.
- Reflective Observation (RO), where the focus is on understanding the meaning of ideas and situations by carefully observing and impartially describing them.
- Concrete Experience (CE), where the focus is on being personally involved in experiences.
- Active Experimentation (AE), where the focus is on actively influencing people and changing situations.
The paper quotes a study by Stice [8] that shows the effectiveness of using as many of these modes of learning as possible (summarized in the table below) where "Retention" indicates the amount of knowledge retained by students after using the different modes of learning:
To clarify, a normal lecture and homework model would predominantly use the Abstract Conceptualization (AC) and Reflective Observation (RO) modes of learning. Adding experiential learning in the form of Concrete Experience (CE) and Active Experimentation (AE) would allow all four modes to be included. Virtual training labs are arguably a combination of CE and AE modes, depending on how prescriptive they are and how open the environment is to experimentation.
Begin The "Linux Fundamentals for Security Practitioners" Course Today >>
Benefits of virtual labs
When it comes to acquiring new cyber-security skills, the two biggest problems are having an environment where the hardware and software are already configured, and the fear of damaging the system has been removed. This is where virtual labs come into their own.
The key benefits of virtual labs are:
- Real-world practical experience can be acquired without compromising live systems.
- Students can learn at their own pace, at times convenient, and from their own home.
- They build practical self-confidence.
- Labs can be launched instantly within a browser.
- They are relatively cheap compared to classroom-based training.
- They are an excellent supplement to video training courses (i.e., learn it, then do it).
- If the system gets broken, the lab can likely be restarted.
- Testing, feedback, and gamification can be built into a lab to increase retention and enjoyment.
- They can be designed to meet the objectives required for certifications.
- They can be used to familiarize new IT hires with corporate systems and help the existing IT teams stay current with evolving technologies.
Linux skills to acquire for an intermediate level of competency
For someone interested in taking their Linux skills to an intermediate level, the target should be those required of a junior system administrator. This means that there should be a breadth, as well as a depth of knowledge. For example, a capable systems admin should know how to:
- Add and remove hardware
- Configure and partition disks
- Configure networking settings
- Install the OS and applications
- Start and restart services
- Check which processes are running
- Do basic monitoring of CPU, memory, and disk
- Use scripting to perform basic tasks
- Manage users and groups
- Manage a server remotely
- Secure a system and resolve security issues
- Manage backups
- Write basic documentation
More specifically for Linux, they should have experience in using tools and services such as these:
- File management (e.g., ls, mv, rm).
- Text processing (e.g., sed, grep, awk).
- System information (e.g., uname, lshw, fdisk).
- Text editors (e.g., vim, nano, gedit).
- User account management (e.g., usermod, passwd, chmod).
- System utilities (e.g., uptime, hostname, timedateacl).
- Processes and scheduling (e.g., ps, kill, crontab).
- OS maintenance (e.g., shutdown, reboot, halt).
- System Monitoring (e.g., top, lsof, w).
- Shell scripting (e.g., conditional statements, loops, and functions).
- Networking (e.g. ifconfig, netstat, tcpdump).
- Network services (e.g., Apache, SSH, DHCP).
- System updates and repositories (e.g., rpm, apt, dpkg).
- Security tools (e.g., Wireshark, nmap, nikto).
- Storage management (e.g., lsblk, pvcreate, mount).
Using virtual labs to improve Linux skills
To compliment Cybrary's online courses, there is a comprehensive set of virtual labs that can be used to acquire the practical skills needed to be a junior systems administrator. As discussed above, combining these two modes of learning will significantly increase both the student's knowledge and how long it is retained.
Listed below is a recommended selection from Cybrary's intermediate-level Linux labs to build a comprehensive set of Linux skills. Note that Cybrary also offers Skills Assessments to test and demonstrate a student's knowledge, either to an employer, or in preparation for a certification exam. A number of these are referenced underneath the virtual training labs, below:
- Using the Find and Locate Commands to Search for Files in Linux. Become familiar with commands in Linux such as the find, locate, whereis, and which commands.
- Manage Users in Linux
How to create, modify, configure, and delete user and group accounts using the command-line in terminal and text editor in vim.
Use command-line tools to create, modify, and manage users and groups within the Linux operating environment.
Use a CentOS 7 Linux server to perform basic administrative tasks within Linux. This lab will demonstrate how to escalate your privilege to root and to delegate privilege for administrative tasks to non-privileged users.
Learn how to create and manage user/group accounts, manage permissions for accounts, crontabs, and directories, monitor and optimize services, configure and manage auditing and logging, and implement SELinux.
This lab will teach the basics of writing a script in Linux for backing up a user's entire file system.
Obtain a good working knowledge of timedateacl commands by setting up time synchronization, configuring the network time protocol, and setting the time zone on a Linux server.
Gathering and managing processes and their performance through a terminal.
How to use Logwatch to generate automatic and manual log reports and Logrotate to manage the archiving of log files.
How to gather information about your server and its configuration - processor, memory, storage, network configuration, OS, software inventory, and user accounts.
Configure an Ubuntu DNS server by installing Berkeley Internet Naming Daemon 9 (bind9), create forward and reverse lookup zones, as well as NS and A records in the zone file for each server, and configure Internet Fully Qualified Domain Names (FQDNs).
Students will identify access to a PFSENSE firewall through the forwarding of SYSLOG (System logs) from a Firewall to a SYSLOG service and then identify malicious activity through system logs.
Discern the difference between IPv4 and IPv6 addressing, as well as how to configure and test both IPv4 and IPv6 settings on a Linux network interface.
How to configure Linux IPv4 routing by using the Netplan config YAML file and two subnets.
Assess ports of various devices on an assigned network using Hping3. Students will attempt to avoid an Intrusion Detection System (IDS) using non-traditional scans.
How to conduct scanning to find MAC addresses, IP, and ports of a targeted machine. Learners will gain experience using Netdiscover, Masscan, and Netcat to complete enumeration.
Conduct a variety of network vulnerability scans in Ubuntu against hosts and machines. This requires the installation of Nmap, Apache2, and configuration of the Linux Uncomplicated Firewall (ufw) to block ICMP ping requests.
Learn how to use Wireshark to capture secure or public messages sent through HTTP, FTP, and SSH and then intercept and view network packets detailing exposed transmissions.
The lab introduces several vital tools used for exploitation, including BurpSuite, Metasploit, Python scripts, and Zenmap. You will also exploit vulnerabilities found while using the tools.
Students create five user accounts and passwords to audit in a Linux password cracking utility called John the Ripper.
Skill assessments - Intermediate:
Linux System Administrator Linux Shell Kali Linux Sandbox Kali Linux Skill Assessment
References:
[1] "Effectiveness of Experiential Learning for Keeping Knowledge Retention in IoT Security Education" https://ieeexplore.ieee.org/abstract/document/8113334 TLDR: The evaluation result indicates that learners who took the experiential learning could retain knowledge better than learners who took the non-experiential learning.
[2] "A Study on Effective Instructional Design for IoT Security Education Focusing on Experiential Learning" http://www.iaiai.org/journals/index.php/IJLTLE/article/view/315 TLDR: Most learners in the non-experiential learning group couldn't retain the knowledge they had obtained several weeks before. This is evidence that instructional design, including experiential learning, brings superior learning effectiveness for IoT security education.
[3] "The Differential Effects of Experiential Learning Activities and Traditional Lecture Classes in Accounting" https://journals.sagepub.com/doi/abs/10.1177/1046878191222003 TLDR: The key difference in the two learning methods is the students' retention of the concepts over time.
[4] "Comparing experiential versus conventional learning on knowledge retention for teaching surgery to medical graduates" https://www.sciencedirect.com/science/article/pii/S1319453420300023 TLDR: Both teaching modalities were effective in improving the knowledge rate of the students. However, in the experiential learning group (lab group), the knowledge gain was higher than in the traditional group (lecture group).
[5] "Experiential Learning: experience as the source of learning and development", David Kolb, Prentice Hall (1984).
[6] Experiential Learning (viewed 11 August 2020) https://en.wikipedia.org/wiki/Experiential_learning TLDR: Experiential learning, also known as (EXL), is the process of learning through experience, and is more specifically defined as "learning through reflection on doing".
[7] "Hands-On Crypto: Experiential Learning in Cryptography" https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.131.9648&rep=rep1&type=pdf TLDR: Experiential learning has been shown to be one of the best learning methods, especially when combined with other forms of instruction.
[8] "Using Kolb's Learning Cycle to Improve Student Learning," J. E. Stice, Engineering Education, 77, pp. 291- 296 (1987).
