VTG (Lab) Bundle

DMZ Vulnerabilities - VTG Ch1 (ICS001)


Description
Lab access included*

Take on the role of an attacker in the DMZ network of a power plant, learning how to exploit the common vulnerabilities there and pivot deeper into the ICS network. After completing this chapter, users will be able to:

• Use basic Linux commands and tools (whoami, pwd, ls, mkdir, nano, cd, mv, cp, rm, man)
• Run basic network scans with nmap
• Understand the function of historians in ICS networks
• Test for SQL injection vulnerabilities
• Perform man-in-the-middle (MITM) attacks using ARP spoofing
• Explore ICS protocols using Wireshark
• Run password cracking tools against remote access protocols (SSH)
• Check for weak passwords by running a cracking tool against password files

2 CPE

The Fortiphyd Virtual Training Grounds series equips you with the practical experience needed to secure ICS networks. Practice launching real attacks, see their physical consequences, and learn how to defend against them all in realistic 3D simulated plants.

*Professional users get 60 days of lab access with purchase of bundle or 7 days per individual course, starting during the next available time slot. Academic user pricing and duration of lab access dependent on agreement with school.

Content
  • Welcome
  • Introduction
  • LAB ENVIRONMENT
  • DMZ Vulnerability Assessment Overview
  • Key Terms Review
  • Intro to Lab Machine and Linux
  • 1.1
  • Accessibility
  • Exercise Review
  • Intro to Network Scanning
  • 1.2
  • Exercise Review
  • SQL Injection Attacks
  • 1.3
  • Exercise Review
  • CROSS-SITE SCRIPTING
  • 1.4
  • Exercise Review
  • SESSION HIJACKING
  • 1.5
  • Exercise Review
  • SSH Password Cracking
  • 1.6
  • Exercise Review
  • Password File Cracking
  • 1.7
  • Exercise Review
  • ARP Spoofing to Sniff Traffic
  • 1.8
  • Exercise Review
  • OPC UA Exploration
  • 1.9
  • Exercise Review
  • EXTRACTING CREDENTIALS FROM A REMOTE DEVICE
  • 1.10
  • Exercise Review
  • Conclusion
  • Network Diagram
  • Chapter 1 Feedback
  • Discussion and Q&A
Completion rules
  • All units must be completed
  • Leads to a certification with a duration: 3 years