You should have a good understanding of TCP/IP and traffic flows. In addition, you may be working with routers, switches, firewalls, IDS/IPS devices, and security information and event management (SIEM) systems, so you should have some working knowledge of network, security and appliance products. Participants will take on the roles of managing the network, application and security appliances/devices during the class, so they should have an understanding of these roles.

This course will give students an understanding of offensive and defensive cyber security methods. Participants will gain knowledge and skills in reacting to a myriad of cyber security and application traffic flows. You will be put through Operational Scenarios that include malicious and non-malicious traffic in a safe, secure environment. The course trains IT and Operations teams on varied attack and defence techniques, using security controls in a simulated or emulated environment.

What it covers/What you will learn:

  • Overview of your Cyber Drills setup of the exercise range

  • Learn about single-attack vectors and how they work

  • How to differentiate good versus malicious traffic

  • Determine which security controls to use and how to configure them

  • Learn about multi-attack vector scenarios and how they work

Labs / Scenarios:
           Labs to create Stack Scrambler traffic flows

Reconnaissance Activities
           PING sweep
           Port scans

IP Layer Attacks
           ICMP flood
           ICMP flood with fragments
           ICMP flood from different clients to different targets

Transport Layer Attacks
           TCP SYN flood
           TCP SYN ACK flood
           TCP PUSH flood

Application Layer Attacks
           DNS based attacks
           HTTP fragmentation attacks
           Excessive Verb (POST)
           Excessive Verb (GET)

Run a mix of more than 37,000 pieces of live malware in different combinations, depending on the targets.

Comprehensive operational platform:
An end-to-end operational environment with a comprehensive range of security solutions and technologies from both commercial and industry-leading open source partners. It enables more realistic and experiential learning to detect, protect against and respond to cyber threats. We look forward to seeing you on the red or blue team!