This Learn On Demand Pro Series is part of a Career Path: Become a SOC Analyst - Level 2
This lab provides a cybersecurity professional with insights into common cyber threat tactics, tools, and methods. You will review several scenarios covering social engineering attacks, poor physical security findings, server misconfigurations, and penetration testing methods. You will explore attacks that can be perpetrated locally, such as reconnaissance and network sniffing attacks. Then you will explore scenarios around attacks that exploit weaknesses remotely over the network. You will learn about port scanning tools and methodologies and some of the common services targeted by an attacker (e.g., FTP, DNS, SMTP, HTTP, and NetBIOS).
Understand the scenario
You are a white-hat penetration tester or a security analyst, and you are exploring the vulnerabilities and types of attacks that could be perpetrated within your network.
In this section, you will explore a variety of scenarios that are common for a cybersecurity analyst or penetration tester to consider when assessing attack vectors within a local environment. You will learn examples of social-engineering attacks, physical security breaches, insider threat attacks, poor configuration practices, and targeted attacks by unscrupulous competitors. You will also explore common tools and tactics around password cracking, privilege escalation, and network data interception (i.e., sniffing attacks).
For this task, you will focus on the perspective of a remote attacker looking to exploit your environment across the network. You will think like a penetration tester and identify the ports and services that are listening within your environment. You will decide whether each service is essential given the nature of the system it runs on, or whether it is an unnecessary potential hole for an attacker to target. You’ll become familiar with the network mapping tool Nmap and some of the common services you may discover in your environment (e.g., FTP, DNS, SMTP, HTTP, and NetBIOS).
Lab Summary Conclusion:
In this hands-on virtual lab, you will be challenged to make decisions about the nature of cybersecurity attacks and scenarios. You will think like a penetration tester and evaluate the scenarios to identify methods to test your environment and implement controls to help make it more secure. The skills learned in this lab are essential for SOC analysts, penetration testers, and cybersecurity risk managers.
Other Challenges in this series
- GUIDED CHALLENGE: Using tcpdump to Perform Packet Sniffing in Linux
- ADVANCED CHALLENGE: Can You Use Wireshark to Intercept Network Traffic?