ITSCON-INCL
New Lab environment expansion for Establishing Cybersecurity Defense Lines and Incident Management course
Description
The product provides access to an online remote lab environment (IT infrastructure) related to the blended learning course titled "Establishing Cybersecurity Defense Lines and Incident Management," designed to support the completion of practical tasks and independent practice, with an additional access duration of 10 hours. The product is currently only available for the above-mentioned "Establishing Cybersecurity Defense Lines and Incident Management" course.
Suggested For
The product is recommended for participants of the blended learning course titled "Establishing Cybersecurity Defense Lines and Incident Management," who wish to extend their lab environment access time by an additional 10 hours beyond the built-in 20-hour lab access included in the course. After purchasing the product, the basic 20-hour lab access will be extended by 10 hours. Access is possible using the original account credentials for the 20-hour lab environment.
Outline
The practical lab tasks and topics that can be performed in the environment include:
- Use of logging protocols and tools. In the practical part, participants install and connect Linux-based log servers, then connect Windows devices to the system, convert message formats, and install and configure archiving systems.
- Logging storage devices in practice. In the environment assembled in the previous module, a logging storage appliance is installed that can store incoming messages, classify and interpret them, and generate various statistics from the parsed data, which are then displayed using different visualization solutions.
- Use of log analysis tools in practice. During the practice, participants install the tool and then integrate the previously installed system with the log analyzer. In later exercises, different attacks will be tested, which will be visible and detectable (or not…) in the installed log analyzer.
- Basics of security testing. Practice of vulnerability scanning and ethical hacking, roles of Red Team / Blue Team / Purple Team. Demonstration of Red/Blue/Purple Teaming in practice. Introduction of various offensive tools in a pre-prepared lab environment. The goal is for participants to try a few attack tools and see what kind of "noise" the attack generates and how detectable it is using different logging systems.
Prerequisites
To effectively and comprehensively complete the technical exercises, the following prior knowledge is required:
- Knowledge of basic information security concepts and principles
- Basic networking knowledge
- Basic Linux administration skills in a Linux distribution are strongly recommended (operation, file system, basic commands, file management, process management, package management, user and permissions basics, logging basics, SSH)
- Basic Windows administration skills on a Windows Server system are strongly recommended (file management, basic knowledge of network and AD DS tools, program management)
- Completion of the theoretical and practical modules of the "Establishing Cybersecurity Defense Lines and Incident Management" course.
Technical Requirements
A laptop or PC with an up-to-date operating system and browser, preferably with local administrator rights. PDF reader, broadband internet connection, speakers/headphones, and microphone. For laptops, an additional monitor is recommended; for PCs, two monitors are recommended to follow the exercises and video materials in parallel.