VTG (Lab) Bundle

Endpoint Defenses - VTG Ch3 (ICS003)

Lab access included*

Using lessons learned from successfully attacking the power plant in Chapters 1 and 2, learn how to harden and secure ICS assets using various endpoint defenses. After completing this chapter, users will be able to:

• Validate operator inputs on HMIs
• Add safety checks to PLC programs
• Scan for malware using Yara
• Investigate Windows event logs, and set up audit policies
• Use the Windows powershell command line (ps, select-string, netstat)
• Use intermediate level Linux commands (ps, grep, netstat)
• Investigate Linux logs
• Write basic Linux host firewall rules


The Fortiphyd Virtual Training Grounds series equips you with the practical experience needed to secure ICS networks. Practice launching real attacks, see their physical consequences, and learn how to defend against them all in realistic 3D simulated plants.

*Professional users get 60 days of lab access starting during the next available time slot. Once purchased, Fortiphyd support will contact you to coordinate the start date. Academic user pricing and duration of lab access dependent on agreement with school.

  • Introduction
  • Introduction
  • Key Terms Review
  • HMI Input Validation
  • 3.1
  • Exercise Review
  • HMI User Privileges
  • 3.2
  • Exercise Review
  • PLC and HMI Programming
  • Video Walkthrough
  • 3.3
  • Exercise Review
  • Windows Logs
  • 3.4
  • Exercise Review
  • Windows Powershell
  • 3.5
  • Exercise Review
  • Scanning for ICS Malware with YARA
  • 3.6
  • Exercise Review
  • Linux Logs
  • 3.7
  • Exercise Review
  • Linux SSH Configuration
  • 3.8
  • Exercise Review
  • Linux Host Firewall
  • 3.9
  • Exercise Review
  • Chapter 3 Feedback
  • Discussion and Q&A
Completion rules
  • All units must be completed
  • Leads to a certification with a duration: 3 years