Vulnerability Assessment Management Labs

In this lab you will attempt to conduct basic analysis on some malware samples that were found on the internal network.

Students will identify a browser-based attack used against a corporate asset using a network protocol analyzer. Students will determine the type of attack used and pinpoint exploit code in network traffic.

Students will review network traffic to confirm the presence of malicious activity using various tools including Wireshark and VirusTotal.com.

In this final lab we will attempt to exercise all the relevant skills found in this domain. We are focusing on responding to incidents and the skills needed to address these sorts of problems at the "Practitioner" level.

This lab introduces students to the web application penetration testing suite within the Core Impact application.

Students will use OpenVAS to do a vulnerability analysis and fill out a recommendation form for the vulnerabilities found in the network.

In this lab we will simulate the recovery phase where we must perform a backup in a server environment.

In this lab you will perform the steps necessary to set up a pfSense firewall from the basic command line interface and then configure the firewall using the web configuration GUI on a Windows machine. This lab will provide an understanding how network interfaces are configured to allow network connectivity. You will also view and create a firewall rule which enforces your understanding of how network traffic can be managed at different levels – (IP-based, Protocol-based, Machine-based, etc).

Students will log into an organization's firewall, document existing firewall rules, analyze these rules and making recommendations based on this analysis. Students will then make make the necessary changes.

Students will scan a system in OpenVAS (Open Vulnerability Assessment) to discover and identify systems on the network that have vulnerabilities.

Several company employees have received unsolicited emails with suspicious pdf attachments. The CIO has asked you to look at the attachments and see if they are malicious.

In this lab you will use Microsoft Baseline Security Analyzer (MBSA) to perform scans of individual host computers and of groups of computers. You will also learn how to perform the most common scans using command line tools. Once completed, you will have learned how to use MBSA to perform a comprehensive security analysis of your network environment.

In this lab we will replicate potentially malicious scans from the Internet against a corporate asset. Scans from the Internet are very common. An analyst should know how to identify this activity by artifacts that are present in the IDS as well as entries in the web logs.

The Network Discovery lab is designed to help students facilitate open source collection by teaching them how to use more intimate network discovery techniques.

After identifying a SQL Injection attack, students will learn about parameterized queries in back-end web servers to minimize future SQLi attacks.

In this lab we will replicate the need for Analysts to be able to analyze network traffic and detect suspicious activity. Tools like Wireshark and Snort can be utilized to read, capture, and analyze traffic.

Students will use OpenVAS to do a vulnerability analysis. Students will then identify applicable vulnerabilities and protect their system(s) against them.

Students will become familiar with procedures used in the validation of suspicious files. During the course of the lab the student will generate a system-level baseline using a command line file hash tool, followed by checking new/unknown files against whitelists and online tools.