LabSim Chapter 1

School: Nova Southeastern University
Course: 615
Subject: Information Systems
Date: Apr 3, 2024
Pages: 37
Uploaded by gioroa20

1.1.1 The Security Landscape

The Security Landscape 00:00-00:24

Welcome to TestOut's Security Pro course. This course is designed to help you understand the information security landscape and will prepare you to become a security professional. But before we can dive into the ever-changing murky waters that is information security, we first need to talk about the security landscape that all security professionals must face.

A Never-Ending Arms Race 00:24-01:31

In today's world, cyber criminals are a very real and dangerous threat. One way to think about information security is as a never-ending arms race, with the sophistication of the weapons being used advancing exponentially. Every day, cyber criminals are finding new and innovative ways to exploit and infiltrate even the most secure systems, and the security world is barely able to keep up. Gone are the simple days of protecting a system from the random individual hacker. Instead, we are now combating a very organized, advanced, and powerful force that comes in many different forms, from script kiddies to nation states, organized crime to hacktivists, and everything in between. Our job as security professionals is to defend against these organizations and the various techniques they use. Oftentimes this means we need to think like they do and look at our system and network through the eyes of an attacker. It also means we need to try to be one step ahead of them at all times. However, this is becoming more and more difficult as the number of internet-connected devices increases, along with the speed at which people expect new technologies to emerge.

Minimization is the Goal 01:31-02:39

See, the faster new technology is developed and created, the less time it has to be thoroughly tested for vulnerabilities, holes, exploits, et cetera. In addition, each new device that connects to a network presents a new point of entry for an attacker that didn't exist before. Even more unsettling are the exploits that haven't even been discovered yet that attackers could be using in the wild. Because of all these variables, the goal for security professionals can never be that of eliminating attacks or breaches; that's impossible. Now, I'm not saying this means we should just give up. We still need to secure our systems and take all the necessary precautions in order to reduce the threat surface. However, know that if your system is connected to the internet, then it's essentially impossible to protect your network from any and all attacks. Understanding this, a security professional's goal should instead be to minimize the occurrence of attacks and reduce the damage caused by a breach. In other words, you need to properly secure and protect systems while at the same time understanding that a breach is going to occur. And when it does, you need to be able to identify the moment the breach occurred and stop it as fast as possible.

Being Proactive 02:39-03:25

Doing this requires you to take a proactive approach to security. But how do you do that? Some obvious aspects of this approach include keeping systems up to date, implementing proper policies and procedures, hardening systems and networks, and so on. But another, oftentimes neglected, aspect of this approach is being informed. Because the security landscape is ever-changing, you need to be extra diligent in keeping up to date on the most recent vulnerabilities and exploits used by hackers as well as the latest security techniques and technologies used by security professionals. The internet is an endless supply of information, so be sure to use it. Blogs, news outlets, forums, podcasts, the list goes on; these are all great resources that will help you keep up to date on the latest security trends.

Summary 03:25-03:47

Remember, as a security professional, it's your job to try to stay one step ahead of an attacker. You can do this by taking a proactive approach to security. Stay informed, read the landscape, know your systems and network, and understand that you can only protect a network to a point. Beyond that, it's your job to know what an attack looks like and stop it before any substantial damage can occur.

1.1.2 Security Concepts

Security Concepts 00:00-00:19

In order to be an effective security professional, you need to be familiar with the concepts and the roles surrounding information security. This will help you understand the industry terms and lingo, and it will also provide a lot of context as you progress through this course.

Assets 00:19-00:56

The first information security concept that you need to be familiar with is that of an asset. An asset is simply something that has value to an individual or an organization. This can be a physical device, such as a laptop or iPad, or it can be electronic information, such as a PDF document on a server. However, most of the time when we're talking about an asset, we mean the latter. For example, let's suppose we have a server in our organization, and on this server there is a database that contains customer information, including credit card numbers and order history. This database has a lot of value to the organization and is therefore considered an asset.

Threats 00:56-01:38

The next security concept that you need to be aware of is threats. Threats represent anything that has the potential to cause the loss of an asset. And notice I said has the potential to cause the loss of an asset. A threat isn't the actual loss of an asset. It's merely the potential—the risk—that an asset could be stolen. A threat can come in many different forms. It can be a virus, a Trojan, an external hacker, an internal employee. Because threats come in all shapes and sizes, sometimes we refer to them as blended threats. To continue with our example, some threats to our customer database include ransomware, data exfiltration—which is a fancy way of saying stealing data—Trojans, and hackers.

Threat Agents 01:38-02:53

Next, we have the threat agent. A threat agent is the actual person or entity that carries out a threat. When it comes to threat agents, there are a few characteristics, or attributes, that can categorize them. For example, threat agents can be internal or external; they can have little to no resources or funding, or they can be heavily funded with a lot of resources; they can also be opportunistic—that is, they are simply attacking a system because it has a vulnerability—or they can have a specific intent or motive. Now, within these threat agent categories, there are different types of actors—the type of entity carrying out the attack. For example, an actor could be an organized crime syndicate trying to steal credit card information. An actor could also be a nation state trying to steal classified information. Even business competitors can be a type of actor who try to steal company secrets in order to gain an economic edge. One example of a nation state actor you might be familiar with is North Korea. On November 24, 2014, North Korean hackers gained access to Sony Pictures networks and stole confidential information, including employee records, personal emails, and copies of unreleased movies. The information was then released to the public on the internet.

Vulnerability 02:53-03:13

In order for threat agents to carry out a threat, they need an opening—a weakness in the system. This is known as a vulnerability. For example, a vulnerability could be a disgruntled internal employee who happens to be an information security professional and has an elevated level of access to a server system. Another vulnerability is an enabled USB port.

Exploit 03:13-03:49

And the last concept we will talk about is an exploit. An exploit is a procedure, a piece of software, or a sequence of commands that takes advantage of a vulnerability to actually carry out an attack. For example, say we have an enabled USB port on our customer database—first vulnerability—and we also have a disgruntled employee—second vulnerability.
Let's say that the employee decides to use a USB thumb drive to steal the customer database. This is an exploit. The employee used the vulnerability of the enabled USB port and their elevated permissions in order to steal the customer database.

Summary 03:49-04:12

Because security is a constant balancing act between convenience and protection, you will constantly be looking at ways you can mitigate risk and threats while also maintaining an acceptable level of ease of use. However, by understanding the basic concepts of information security, you will have a much easier time assessing the risks to your systems and identifying the ways in which you can protect them.

1.1.3 Security Introduction Facts

Security is an ongoing process that includes assessing requirements, setting up organizational security systems, hardening and monitoring those systems, responding to attacks in progress, and deterring attackers. If you can summarize the fundamental concepts that underpin security functions, you can contribute more effectively to a security team. You must also be able to explain the importance of compliance factors and best practice frameworks in driving the selection of security controls and how departments, units, and professional roles within different types of organizations implement the security function.

This lesson covers the following topics:
  • Security challenges
  • Security control types
  • Security roles and responsibilities

Security Challenges

With regard to information security, computers, and IT networks, modern-day security challenges include the following:

Challenge: Sophisticated attacks
Description: Sophisticated attacks are complex, making them difficult to detect and thwart. Sophisticated attacks:
  • Use common internet tools and protocols, making it difficult to distinguish an attack from legitimate traffic.
  • Vary their behavior, making the same attack appear differently each time.

Challenge: Proliferation of attack software
Description: A wide variety of attack tools are available on the internet, allowing anyone with a moderate technical knowledge to download the tools and run an attack.

Challenge: Attack scale and velocity
Description: The scale and velocity of an attack can grow to millions of computers in a matter of minutes due to its ability to proliferate on the internet. Because modern attacks are not limited to user inte such as using a floppy disk to spread an attack from machine to machine, the attacks often a large numbers of computers in a relatively short amount of time.

Security Control Types

Information security and cybersecurity assurance are met by implementing security controls. By identifying basic security control types, you will be better prepared to select and implement the most appropriate controls for a given scenario.

All controls are designed to fulfill three main goals: confidentiality, integrity, and availability.
  • Confidentiality ensures that data is not disclosed to unauthorized persons.
  • Integrity ensures that data is not modified or tampered with.
  • Availability ensures the data is available when needed.

Security controls can be classified in different ways to fulfill the goals of your organization. Controls can be classified based on the way they are implemented. This includes oversight or managerial controls, operational controls that rely on people, technical or system-based controls, and, finally, non-technical physical controls such as alarms, locks, cameras, etc.

Another method is to classify controls by the goal or function they perform. This involves controls that prevent attacks before they happen, detect attacks when they occur, and help correct and restore damage caused by attacks.

Finally, there are controls to cover additional areas such as employee expectations, policies, and employment or disciplinary procedures. Other controls may not actually do anything but are designed to deter malicious actions. There are also times when standards or legal requirements mandate controls that should be used. If a control is not possible to implement, an organization can sometimes replace it with an option that is as good as or better than the original.

Security Roles and Responsibilities

You should also be able to describe how specific job roles and organizational structures can implement a comprehensive security program for organizations. IT professionals working in a role with security responsibilities must be competent in a wide range of disciplines, from network and application design to procurement and human resources (HR). The following activities might be typical of such a role:
  • Participate in risk assessments and testing of security systems and make recommendations.
  • Specify, source, install, and configure secure devices and software.
  • Set up and maintain document access control and user privilege profiles.
  • Monitor audit logs, review user privileges, and document access controls.
  • Manage security-related incident response and reporting.
  • Create and test business continuity and disaster recovery plans and procedures.
  • Participate in security training and education programs.

The following units are often used to represent the security function within the organizational hierarchy.

A security operations center (SOC) is a location where security professionals monitor and protect critical information assets across other business functions, such as finance, operations, sales/marketing, etc. Because SOCs can be difficult to establish, maintain, and finance, they are usually employed by larger corporations, like a government agency or a healthcare company.

Figure: A security operations center (SOC) provides resources and personnel to implement rapid incident detection and response, plus oversight of cybersecurity operations. (Image © gorodenkoff 123RF.com.)

Network operations and cloud computing make ever-increasing use of automation through software code. Traditionally, software code would be the responsibility of a programming or development team. Separate development and operations departments or teams can lead to silos, where each team does not work effectively with the other.

Development and operations (DevOps) is a cultural shift within an organization to encourage much more collaboration between developers and systems administrators. By creating a highly orchestrated environment, IT personnel and developers can build,
test, and release software faster and more reliably. DevSecOps extends the boundary to security specialists and personnel, reflecting the principle that security is a primary consideration at every stage of software development and deployment. This is also known as shift left, meaning that security considerations need to be made during requirements and planning phases, not grafted on at the end. The principle of DevSecOps recognizes this and shows that security expertise must be embedded into any development project. Ancillary to this is the recognition that security operations can be conceived of as software development projects. Security tools can be automated through code. Consequently, security operations need to take on developer expertise to improve detection and monitoring.

A dedicated computer incident response team (CIRT)/computer security incident response team (CSIRT)/computer emergency response team (CERT) is a single point of contact for the notification of security incidents. This function might be handled by the SOC, or it might be established as an independent business unit.

1.1.4 Security Job Roles

Job Roles Using Security Pro 00:00-05:00

James Stanger: When it comes to the world of cyber security there are a lot of kinda continents available in that world. In other words, there are a lot of different jobs within the realm of cyber security. To tell us more about that we've got Brian Calkin. Brian, how you doin'?

Brian Calkin: I'm doing great, James. How are you?

James Stanger: Doing great, man. Doing great. Brian Calkin is the Chief Technology Officer for CyberWA. And Brian, tell us a bit more about CyberWA yourself. Let's start talking about the world of cyber security jobs that are available to folks.

Brian Calkin: Absolutely, yeah. So I've been in cyber security now for going on 20 years, various roles over the years I've had, to include all the way from a SOC analyst to a person that has built SOCs, run SOCs, led response teams, various management roles, executive roles. And as you mentioned, currently the Chief Technology Officer for a company called CyberWA where we are offering cyber protective services for high-net-worth individuals and celebrities.

James Stanger: So you know when it comes to putting a Security Operations Center together, more importantly you have to have workers at various tiers, various levels. Is a Security Operations Center analyst, a SOC analyst, a good first cyber security job?

Brian Calkin: I'd actually argue it's the best first cyber security job, but I can stand by that pretty strongly having been one, and having hired many and managed many of them over the years. I think that as folks are getting started in cyber security, and they may be not exactly sure where their passions might lie, whether they want to dive into penetration testing, or vulnerability assessments, or incident response, I think that you get enough exposure to each of those various individual sort of work items with being a SOC analyst. You just get this broad experience that you can apply later on in your career.

James Stanger: I've known quite a few beginning SOC analysts. They basically take tickets, as it were, oftentimes, right? And then they determine if they can handle it themselves, if it really is a big thing, and then escalate it. Is that, in general terms, what you're gonna do with that particular job role?

Brian Calkin: Absolutely, yeah. So generally the way it works is we will hire somebody, you know, either straight out of college, or maybe new to cyber security in general, as what we call an entry level or a tier one analyst. So these are the folks that are getting the broadest experience in handling most of the, if not all of the inbound requests from customers, whether they be internal customers to your organization, or, you know, external customers if you're running an external shop. But yeah, fielding emails, fielding phone calls, and running down things like, you know, requests for analysis or requests for assistance. And then yeah, if they get into a bind or a tough spot where they've sort of hit the limits of what they know and can do, then they would escalate up to the tier two analyst.

James Stanger: You know, there are other job roles out there, you know, a pen tester for example, or security administrator. Let's talk about a couple of those real quick.

Brian Calkin: Yeah, sure. Those are always popular too, and folks, they like the pen testing roles, security admin roles, security engineer roles. So for instance a penetration tester would be somebody that is identifying vulnerabilities in a system, or a network, or a network perimeter, and then trying to put on the role of the hacker or the black hat, and then try to exploit those vulnerabilities to try to get in, you know. And the purpose, of course, is to let the organization know they found this vulnerability and they were able to exploit it, versus a security engineer would be, so if a pen tester is playing offense, the engineer would be playing defense. The security engineer is preparing those systems to be as secure as possible as they're being deployed. Think, you know, deploying a new server and hardening it for best practice or per recommendations in order to make it as resilient as possible to a cyber attack.

James Stanger: Additional job roles can include things like, you know, a help desk analyst, or a vulnerability manager, things like that. But tell me a bit more about some of those.

Brian Calkin: Yeah, sure. Vulnerability assessment, vulnerability manager is another really popular one that, you know, I've worked with a number of those folks over the years. So these are the folks that are essentially doing things like, or could include running vulnerability scans, looking at various vulnerabilities that an organization might have within their environment, and then assessing, you know, what is the impact should this vulnerability get exploited, making sure the vulnerability can be patched, if it maybe can't be patched, and what else they could do to help mitigate the vulnerability. You know, is there some other mitigating factor in play they could apply to kind of close that hole, you know, if you will.

James Stanger: Brian, thank you so much for talking about just a few of the many job roles that are available within cyber security. Sure appreciate it, man.

Brian Calkin: Yeah, you're welcome. Thanks, James.
1.2 Security Controls

Control Categories and Types 00:00-00:19

In this video, I'll discuss security control categories and types. As a security professional, your job is to protect the company's assets and business. This means that you're there to prevent hazardous events or to minimize their damage.

Managerial 00:19-00:41

Let's get started. Managerial controls consist of management techniques and administrative procedures. These can include security policies, hiring policies, disaster recovery plans, or DRPs, and business continuity plans, or BCPs. You should always include written plans for how and when to escalate events and when you need to consult outside help.

Operational 00:41-00:52

Operational controls are ones that the security team performs every day. These might include reviewing network monitoring data, ensuring that security cameras are working, and requiring visitors to sign in.

Technical 00:52-01:07

Technical controls are based around software, applications, and security appliances. These controls vary greatly by company. Some examples you might see in your line of work are IDSs, IPSs, access control apps, and ASAs. We use preventative controls for security breaches, but you might see these tools used with other control types as well.

Preventative 01:07-01:42

The easiest preventative control is an Advance Network Appliance, which is sometimes also called an Adaptive Security Appliance, or ASA. This is basically a firewall and router combination that's capable of hosting IDSs and IPSs. A less expensive preventative control is a simple updated antivirus, considering that these have improved drastically over the years. Office access control is also an excellent preventative control, especially if you're using biometrics.

Detective 01:42-01:59

Detective controls inform the security team of an event that's occurring or provide them with logs and artifacts to help them investigate the event further. Examples would be network monitoring applications, log collectors, real-time monitoring alerts, and intrusion detection systems, or IDSs.

Corrective 01:59-02:26

Corrective controls are those that attempt to fix any damage caused by an event. These tools work during and after the course of the event. Think of this as a form of risk mitigation. For example, an intrusion prevention system, or IPS, is designed to intercept packets that are potentially malicious and either drop or isolate them. Another example is endpoint protection, which works to stop malicious data by looking at its signature or behavior. The deterrent control type discourages malicious actors from trying to breach a network.

Deterrent 02:26-02:53

The more deterrents you have, the less likely it is that anyone will try. These could include internal security policies, access-protected doors for a server room, entry-point access restriction, biometric sensors, man traps, security cameras, security training, and security guards. Remember, the stronger the deterrents, the less likely it is that a breach occurs. Physical deterrents keep unauthorized people from physically accessing a company's assets.

Physical 02:53-03:58

So locked doors, proximity cards, fences, cameras, and guards are all ways to physically protect your network. Motion detectors for after-hours monitoring are another example. Please note that device management is often overlooked by companies. With the prevalence of mobile devices, your company should be able to remotely wipe any devices that are lost or stolen.

Let's look at some scenarios. Let's say that a biometric thumbprint scanner has been installed in the lobby of your building. It requires everyone to scan their thumb to gain access. A malicious actor tries to enter, but their print doesn't match. An access-denied alert is flashed on the screen, and the IT team is fully aware of what's happening. Usually, the imposter doesn't stay around to be questioned!

Another common ploy is for an imposter to try to take advantage of a person's kindness. In this case, an imposter tries to gain entrance from a legitimate employee's proximity badge by claiming to have forgotten theirs. Hopefully, the employee remembers their security training and politely tells the imposter, "No." That's it for this lesson.

Summary 03:58-04:18
In this lesson, we learned about control categories as well as control types. Categories include managerial, operational, and technical. The security control types we learned about are preventative, corrective, deterrent, and physical. You should use all of these tools together to help you create a secure network.

1.2.2 Control Categories and Types Facts

Information security and cybersecurity assurance are met by implementing security controls. By identifying basic security control types, you will be better prepared to select and implement the most appropriate controls for a given scenario. You should also be able to describe how specific job roles and organizational structures can implement a comprehensive security program for organizations.

This lesson covers the following topics:
  • Security control categories
  • Security control functional types

Security Control Categories

Information and cybersecurity assurance usually takes place within an overall process of business risk management. Implementation of cybersecurity functions is often the responsibility of the IT department. There are many ways of thinking about how IT services should be governed to fulfill overall business needs. Some organizations have developed IT service frameworks to provide best practice guides for implementing IT and cybersecurity. These frameworks can shape company policies and provide checklists of procedures, activities, and technologies that represent best practices. Collectively, these procedures, activities, and tools can be referred to as security controls.

A security control is designed to give a system or data asset the properties of confidentiality, integrity, availability, and non-repudiation. Controls can be divided into four broad categories based on the way the control is implemented:
  • Managerial — the control gives oversight of the information system. Examples could include risk identification or a tool allowing the evaluation and selection of other security controls.
  • Operational — the control is implemented primarily by people. For example, security guards and training programs are operational controls.
  • Technical — the control is implemented as a system (hardware, software, or firmware). For example, firewalls, antivirus software, and OS access control models are technical controls.
  • Physical — controls such as alarms, gateways, locks, lighting, and security cameras that deter and detect access to premises and hardware are often placed in a separate category from technical controls.

Figure: Categories of security controls

Although it uses a different scheme, be aware of how the National Institute of Standards and Technology (NIST) classifies security controls (csrc.nist.gov/publications/detail/sp/800-53/rev-5/final). For example, as of NIST 800-53 rev 4, the class designations of technical, operational, and managerial were removed from the control families list. Instead, they were redefined as properties of individual controls within a family. They are included to help familiarize learners with the basic concepts presented in 800-53 and due to the continued use of this terminology by many organizations and publications. Be aware that terminology usage and practice are always evolving.

Security Control Functional Types

As well as a category, a security control can be defined according to the goal or function it performs:
  • Preventive — the control acts to eliminate or reduce the likelihood that an attack can succeed. A preventive control operates before an attack can take place. Access control lists (ACLs) configured on firewalls and file system objects are preventive-type technical controls. Antimalware software acts as a preventive control by blocking malicious processes from executing.
  • Detective — the control may not prevent or deter access, but will identify and record an attempted or successful intrusion. A detective control operates during an attack. Logs provide one of the best examples of detective-type controls.
  • Corrective — the control eliminates or reduces the impact of a security policy violation. A corrective control is used after an attack. A good example is a backup system that restores data damaged during an intrusion. Another example is a patch management system that eliminates the vulnerability exploited during the attack.

While most controls can be classed functionally as preventive, detective, or corrective, a few other types can be used to define other cases:
  • Directive — the control enforces a rule of behavior, such as a policy, best practice standard, or standard operating procedure (SOP). For example, an employee's contract will set out disciplinary procedures or causes for dismissal if they do not comply with policies and procedures. Training and awareness programs can also be considered as directive controls.
  • Deterrent — the control may not physically or logically prevent access, but it psychologically discourages an attacker from attempting an intrusion. This could include signs and warnings of legal penalties against trespass or intrusion.
  • Compensating — the control is a substitute for a principal control, as recommended by a security standard. It affords the same (or better) level of protection but uses a different methodology or technology.

Figure: Functional types of security controls. (Images © 123RF.com.)
A security policy is a formalized statement that defines how security will be implemented within an organization. It describes the means the organization will take to protect the confidentiality, availability, and integrity of sensitive data and resources. The implementation of a security policy to support the goals of the CIA triad might be very different for a school, a multinational accountancy firm, or a machine tool manufacturer. However, each of these organizations, or any other organization (in any sector of the economy, whether profit-making or non-profit-making), should have the same interest in ensuring that its employees, equipment, and data are secure against attack or damage. An organization that develops security policies and uses framework-based security controls has a strong security posture. As part of the process of adopting an effective organizational security posture, employees must be aware of their responsibilities. The structure of security responsibilities will depend on the size and hierarchy of an organization, but these roles are typical. Overall responsibility for the IT function lies with a Chief Information Officer (CIO). This role might also have direct responsibility for security. Some organizations will also appoint a Chief Technology Officer (CTO), with more specific responsibility for ensuring the effective use of new and emerging IT products and solutions to achieve business goals. In larger organizations, internal responsibility for security might be allocated to a dedicated department run by a Chief Security Officer (CSO) or Chief Information Security Officer (CISO). Managers may have responsibility for a domain, such as building control, web services, or accounting. Technical and specialist staff have responsibility for implementing, maintaining, and monitoring the policy. Security might be made a core competency of systems and network administrators, or there may be dedicated security administrators.
One such job title is Information Systems Security Officer (ISSO). Nontechnical staff have the responsibility of complying with policy and with any relevant legislation. External responsibility for security (due care or liability) lies mainly with directors or owners, though again, it is important to note that all employees share some measure of responsibility. NIST's National Initiative for Cybersecurity Education (NICE) categorizes job tasks and job roles within the cybersecurity industry (gov/itl/applied-cybersecurity/nice/nice-framework-resource-center).
1.3.1 Use the Simulator
Use the Simulator 00:00-00:15 TestOut's lab activities are key to your training. In this demonstration, I'm going to show you the components of the Lab Simulator so that you can successfully complete the activities in this course. Scenario Window 00:15-00:52 Some labs start out with an overview of the office. We'll talk about that a bit more later, but first, let's click on Hardware here in Office 2. The lab has four main areas. Over here, on the left, is the Scenario window. This window is very important. It describes the tasks that you're required to perform during a given lab activity. Typically, the items in this bullet list provide you with all the tasks that you'll be evaluated on. You'll be expected to perform these tasks correctly as you go through the lab. If you need more space while you're working, you can hide the Scenario window by clicking this button right here, and you can click it a second time to bring it back. Workspace Area 00:52-01:10 The main area where you'll do most of your work is called the Workspace. It includes all the items you'll work with and configure. For example, in this simulation, we have a computer, and we have wall plates with connectors for cable internet, the network, the telephone, and for AC power. Shelf Area 01:10-01:26 We also have the Shelf. This holds pieces of equipment organized by category. These are the objects you'll use to complete configuration tasks over in the Workspace. You can think of the Shelf as your inventory of spare parts or an online ordering system where you can order the parts that you need. Read the Scenario 01:26-01:37 Now, let's go through the process of completing a lab. The first thing you need to do is read the Scenario. Read it very carefully because when you're done, you're evaluated on whether you did everything it asked you to.
Review Objects in the Workspace 01:37-02:43 You'll often need to examine objects within the Workspace more thoroughly. You can use this slider to zoom in and out. You can also use the zoom out and zoom in buttons or the drop-down list here. Before we go any further, I need to point out that each object within the Workspace occupies a certain amount of space, which is denoted by the outline that's around each object. For example, this is the area for the computer, and this is the area for the wall plates. Within each of these windows, there are buttons that allow you to change the viewing perspective for that object.
I'm currently looking at the front of the computer. But let's suppose that I need to do some work on the back. I can come up here and click the Back button. If I need to see the front of the computer again—say, to power it on—I click the Front button. You'll notice that not all of the objects have multiple views. The computer does, but the wall plates only have one view—the Front view. Let me sort of jump ahead for the sake of showing you something. I'm going to grab the mouse and keyboard from under Input Devices on the Shelf. You're not stuck with this layout in the Workspace. For example, I could grab the mouse and move it to the other side of the keyboard or move it back. Find Objects on the Shelf 02:43-04:01 Once you've familiarized yourself with the items in the Workspace, you need to go over here—to the Shelf—and use the categories displayed to find the objects that are required to complete the Scenario. If you're looking at an item on the Shelf, and you're not sure what it is, click on that object's Details link. For example, I can click the Details link here for the video cable. When I do, an overview of the cable is displayed. Notice that, for this object, we see the cable itself. We can see each connector, and I can look at the front, back, and top of each one. Also, notice that when I click an item on the Shelf, it's displayed down here in the Selected Component window, and we can access the same information using the Details links down here. Being able to view the details of a particular object on the Shelf is very useful because it helps you verify that the object you've selected is the correct one for the scenario's particular requirements. And I should point out here that, with some objects, when you view their details, you see an additional tab called Specifications, which opens a window that provides even more information.
Right now, we don't have an object on the Shelf or Workspace that has a Specification tab, but some do—for example, a motherboard will most likely have one. The information there is similar to what you might find in a user manual for that particular item. Add Items to the Workspace 04:01-04:54 Before we can work with an object in the Workspace, we have to first add it or connect it to an item that's already there. For example, to add this Monitor to the Workspace, we expand Monitors and then drag it over here. Notice that when I do, you see yellow lines appear, which tell me where I can drop the monitor in relation to the other objects that are already there. In this case, I want to add the monitor to the Workspace right next to the PC system itself, so I'm going to drop it right here. And now, it's there. Pretty simple! Once the object is in the Workspace, I can manipulate it to accomplish the tasks in the Scenario. In this example, I need to look at the back of the monitor, and I need to use cables to connect this monitor to the computer system and the power outlet. Let's look at the back of the computer as well as the monitor to see all the connectors. Connect Devices 04:54-07:46 With this done, I now need to use the appropriate cables to connect these two devices together and connect the monitor to the power outlet. Let's go over here and expand Cables, and let's connect the monitor to the computer system using a video cable. I can click on the video cable so that it appears down here, in the Selected Component window. Let's grab each connector and add it
to the appropriate port on the back of the computer and monitor. And let's quickly drag this connector to the monitor. Notice here that there are three different ports available, and as I hover over each one, it's outlined in blue. That blue rectangle tells me that this is a potential place where I could connect this particular device. It doesn't mean it's the right connector, though—it just means that it's an option you could try. In this case, I'm dealing with an HDMI connector, so I need to make sure that I drag and drop it in an HDMI port—right here. I release the mouse, and now, one end of the connector is connected to the monitor. If we look at the connector's status down here, it's got one end connected to the monitor now. The other is still unconnected. And notice that when I did that, the Partial Connections window was displayed. You'll always see this window when one end of a cable is connected, but the other end isn't. Now we need to connect the other end of the cable to the PC system. I'm going to click and drag. And just like with the other end of the cable, I need to pick the right port to connect it to. And there it is. Once again, the status is updated down here, in the Selected Component window. One end is connected to the computer and the other to the monitor. Now, you might be wondering, "What happens if I drop this on an incompatible connector?" Well, when you do, an error is displayed down here, saying, "Hey, you can't connect that there." Let's go ahead and put it back on the correct port. And that's one way you can connect devices together using an item from the Shelf. There's another way to do it as well, and that's to drag the cable directly from the Shelf and then drop it on the appropriate connector. In this case, I'm going to drag the power connector, and I'm going to drop it on the monitor's power socket. Notice that this cable has two different connectors— we have a female connector and a male connector. 
The simulator doesn't know which end of the cable I want to connect. It brings up a list of possibilities, and I have to tell it specifically which one I want to use. Let's go ahead and use the AC Power Female Connector. And now that the end is connected to the monitor itself, let's plug the other end into the AC wall plate. Remember, I also moved our mouse and keyboard to the Bench from the Shelf. Let's plug those in really quick. First, I'll select the keyboard, find the USB on the back of the PC, and plug it in. Now let's do the same thing for the mouse. Turn on the Computer 07:46-08:10 Before we can use the computer or monitor, we obviously need to turn them on. Let's start with the computer. If you hover over the power button, you'll notice that it's highlighted in blue. I'm going to click it to turn it on. It's telling me that the monitor has no display—that's because it's not turned on. Let's go over to the monitor and power it on as well. Now I'll click on the Windows screen. Operating System View 08:10-09:10 As you can see, we have a fully simulated Windows environment, though it does function in pretty much the same way a real Windows desktop would. For example, I can click on the Start button. When I do, all of the things that you'd expect to see in the Start menu are displayed. I can search for control panel and click on it. When I do, Control Panel pops up, just like it would on a real Windows system. And using the various links in Control Panel, I can go ahead and configure this simulated workstation. For example, I could go down here to Hardware and Sound, and I could use
this link right here to add a new printer to the system. The steps that you need to take within the simulation are the same ones you'd need to take on a real Windows system. I do need to point out that as you go through the lab exercises, you'll see that not everything in the Windows interface is enabled. If a feature isn't necessary for a lab, it's not enabled, but all the components you need to complete the Scenario will be. Workspace/Other Views 09:10-09:17 Now, while the computer is up and running, we can switch back to the Workspace and view the hardware by clicking up here. Move Objects to the Shelf 09:17-10:04 In addition to moving objects from the Shelf to the Workspace, you can do just the opposite. You can take an object that's currently in the Workspace and return it back to the Shelf. Let's grab the keyboard and move it to the shelf. When I do, I get a message that says, "Hey, I can't be moved back to the Shelf because I'm still plugged in." Before we can put this item back, we've got to unplug it. To unplug a cable or device, simply click on it, drag the end off, and drop it somewhere within the Workspace. For example, to unplug the cable for the keyboard, I click it, drag it off, and drop it—then its status changes to unconnected. At this point, the keyboard is unplugged, so I can drop it back over here on the Shelf. And please be aware that there are some items that you can't move to the Shelf, such as the wall plate connectors. Evaluate the Lab 10:04-11:42 Now, once you've completed all the tasks in the Scenario, you're ready to submit the lab for evaluation. However, I recommend that before you do this, you go back over to your Scenario and quickly review all the tasks that you were expected to complete and double-check to make sure that everything was done as required. Once you've verified that you've done everything, go up here and click Score Lab. When you do, it's going to evaluate whether or not you did everything correctly. 
Notice here that we have a list of tasks that I was required to perform for the Scenario—found here, under TASK SUMMARY. Over here, I have an icon that tells me whether or not I did each one. If I didn't do a particular task, I see a red X. If I did complete a task, it's denoted with a green checkmark. Notice that, in this scenario, I didn't do everything that was required. I initially had the keyboard on the Workspace, but I took it off, so it evaluated as incorrect. And because I unplugged the cable for the keyboard, I got it wrong. Now, this last task is actually a multi-item task, meaning that I had to complete several different sub-tasks in order to get everything correct. To see what those sub-tasks were, I click on Show Details, and it tells me that I needed to turn on the monitor and the computer. I did both, so I got those correct. And down here, under Task Summary, is the EXPLANATION. This part of the report provides step-by-step instructions for actually completing the tasks in the Scenario. There are, of course, many ways to complete some of these tasks. Okay, now I'm going to pause the recording while I restart the lab.
Restart the Lab 11:42-12:02 Let's go back to Office 2 Hardware. If, at any time, you're in the middle of a lab and think to yourself, "I really messed this up," you can restart the lab without scoring it. This button over here will restart the lab from the beginning without giving you a score. Be aware, though, that if you do, you'll get this message telling you that any work you've done will be lost. Summary 12:02-12:08 That's it for this demonstration. In this demo, we learned how to use the TestOut Lab Simulator. 1.3.2 Labsim Features Explore New Lab Features 00:00-01:19 In this demonstration, we're going to spend a few minutes talking about the lab exercises in this course. You may be familiar with LabSim already, but in this course, we're introducing a few new features, so you'll want to watch this demo. When you start a lab exercise, you'll generally see a screen like this. We have a simulated Kali Linux environment. Let's take a look at it. If you want to complete the lab and get everything right, you should read through this scenario very carefully. It'll usually begin by setting up the situation. It's telling you what's happened and what we're trying to do in the demo. Down here, it'll give you the specific tasks that you need to complete. For this lab, we need to crack the password on the Support computer and then crack the password on the ZIP file. As you go through this lab exercise, you need to make sure that you complete each and every one of these requirements. When you're done with the lab, each task is evaluated, and how many you completed determines your score. So, as you're working through the lab exercise, it's a really good idea to mentally check and say, "Okay, did I do this one?" Yes. "Did I do this one?" Yes. If you've done everything listed here according to the scenario, you'll pass the lab exercise.
New Features 01:19-02:37 Now, our new lab features in this course are questions and copy and paste. Let's start with questions. You may be required to perform a task and look for something specific. Over here, you'll see the Answer Questions tab. I have two questions that I'll need to answer while doing this lab. It's a very good idea to open this right after you read the scenario so you
know what you're looking for while you perform the steps. This particular lab wants you to enter the password for the Linux Computer and the password for the protected.zip file. Okay, now let's move on to the copy and paste feature. Let's open a terminal, and I'll type in ifconfig. Now let's say, for example, that I want to copy and paste this MAC address, here. I can just highlight it like this, come down here, and right-click. When I do, it'll paste the text right here. Be aware you don't get a menu that asks you to paste; it just pastes the text when you right-click. If there's some text over in the scenario, let's say a long password, you can also copy that and paste it somewhere else. So, as soon as I highlight the text, it's copied to the clipboard. Come over here, right-click, and it's pasted in. Let's close the terminal. Programs Included 02:37-05:18 Now, within each lab, not everything is actually enabled within the simulation, only the components that you'll need to complete the scenario. So you might click on something and find that it doesn't actually work, or it might not do what you think it should do. But we're going to look at some of the things that do work in this lab. Over here, we have our Favorite programs. The top one, here, is the Terminal. I'll open that up again. Now, be aware that many of the programs that come with Kali Linux are launched from the terminal. For example, if the lab says to use nmap to do a scan, I can do that from here. Let's check our IP address really quick. I can do that by typing ifconfig and pressing Enter. Right here, I can see my IP address of 192.168.0.45. We can also type ip addr and press Enter to get our IP address. Remember we launch nmap from the terminal; let's do that now. Just type in nmap and press Enter. When you do that, you get a list of parameters that you can use. Right here are some examples of how to use nmap. Now let's scan our subnet.
For that, type  nmap 192.168.0.0/24  and press Enter. We just did a quick default nmap scan of our subnet, and we found all these devices that are live on the subnet. Other programs are also launched from the terminal. To launch Metasploit, we'll type  msfconsole  and press Enter, and it's launched. Okay, let's close the terminal and look at a few of the GUI tools that are simulated. We have Ettercap here. There will be labs that require you to use Ettercap in the course. Let's close that and open up the next one, Zenmap. Zenmap is basically a GUI version of nmap. It's used to scan networks. Let's close this and go to the next one, Wireshark. To start a scan, we select our interface and click the shark fin up here. Let's open the terminal. I'll do an  ifconfig  to confirm my IP address and ping this machine, so let's type in  ping 192.168.0.46  and press Enter. Now let's go back to Wireshark and filter by ICMP, or our ping traffic, by typing in  icmp  in the filter field. You can see we're getting all this ICMP traffic in Wireshark. Let's go ahead and close these.
The Simulated Environment 05:18-06:38 Be aware that you may be required to open multiple programs or perform tasks on multiple systems. If this is the case, the scenario will tell you. This particular scenario only requires us to work on this one system, but there will be scenarios that will ask you to work on one, two, or more different systems. You might be asking, how do I change between systems? What you need to do is come up to the overview button, right here, and click on it. When you do, the entire office environment is displayed. The current system that you're working on is highlighted. Notice, down here, that the last system I was working on was named IT-Laptop. If you need to change to a different system somewhere else in the office, locate the appropriate system in the diagram, and then just click on it. For example, I'll click on the Office1 system. Now notice I'm in a different office, working on a completely different system. Let's go to the IT-Laptop system. Since this is a simulated environment, keep in mind that keyboard shortcuts might not work as expected. So, for example, if you want to enter Ctrl+Alt+Delete, you'll be sending that command to the actual system you're on, not the simulated system. Always look for text that lets you know how to perform the alternative to shortcuts; it's typically down here, at the bottom. Complete the Lab 06:38-09:45 Now that we've looked at some of the new features, let's complete this lab. This lab tells us to crack some passwords with John the Ripper. I'll open the terminal and, at the prompt, I'll type in cd /usr/share/john and press Enter. Now let's see what's in the folder. I'll type in ls to do that. One of the things I want to look at is the password.lst file. This will contain a list of passwords that John the Ripper will use to try to brute force and crack the system with. You can add to this list, delete passwords, and so on.
To view the contents, I'll type in cat password.lst and press Enter, and you can see the list is displayed. This is a short list of passwords, so be aware that normally, this will contain tens of thousands of passwords. I'll type cd to get back to root, here, and then clear to clear the screen. To crack the password on the system, I'll type in john /etc/shadow and press Enter. In this course, we'll learn that with Linux, the password is actually kept in the shadow file. Right up here, we can see that our password was cracked. As you might remember, that was one of the questions we need to answer, so let's click on Answer Questions. I'll type in my answer and minimize that box. I'll clear this screen again. Down here, it says once you've cracked the password, you can't crack it a second time, so let's see if that's true. I'll type in john /etc/shadow and press Enter, and this time, it's telling me there are no password hashes left to crack. It also tells me that the results are located in the john.pot file, so let's look in there to view the password, just in case we forgot to answer our question. For that, I'll type in cat ./.john/john.pot, press Enter, and here are the results. An alternative is to type in john /etc/shadow --show, and you can see the password results again. The next step says to crack the password of the protected.zip file on the IT-Laptop. Let's say, for some reason, we don't complete this part. I'll go back up to Answer Questions, type in an answer for the second password, and click on Score Lab, down here.
My results are displayed. I got 1 out of 4 complete, or 25%. I've been in the lab for about 30 minutes. Down here, it says I didn't correctly crack the password; however, I did correctly type in the right password as an answer. I didn't even attempt this next part, and I typed in some random answer right here. And down here is the real answer. If I'm having issues, I can come down here, read this explanation, and review the correct steps I would need to take to complete the lab. I can scroll down and click on the Done button; the grades are recorded in the gradebook. Summary 09:45-10:14 That's it for this demonstration. In this demo, we talked about how to complete the lab exercises in this course. We looked at the scenario. We looked at the simulated Kali Linux environment. We discussed some new features in Labsim. We talked about how to complete tasks within the environment. We talked about how to switch between systems. We also talked about some key things you need to keep in mind when you're working in the simulated environment. We ended this demonstration by discussing how the labs are scored.