VTG (Lab) Bundle

Endpoint Defenses - VTG Ch3 (ICS003)


Description
Lab: 2 CPE

Using lessons learned from successfully attacking the power plant in Chapters 1 and 2, learn how to harden and secure ICS assets using various endpoint defenses. After completing this chapter, users will be able to:

• Validate operator inputs on HMIs
• Add safety checks to PLC programs
• Scan for malware using Yara
• Investigate Windows event logs, and set up audit policies
• Use the Windows powershell command line (ps, select-string, netstat)
• Use intermediate level Linux commands (ps, grep, netstat)
• Investigate Linux logs
• Write basic Linux host firewall rules

The Fortiphyd Virtual Training Grounds series equips you with the practical experience needed to secure ICS networks. Practice launching real attacks, see their physical consequences, and learn how to defend against them all in realistic 3D simulated plants.

Content
  • LAB ENVIRONMENT
  • Introduction
  • Introduction
  • Key Terms Review
  • HMI Input Validation
  • HMI Input Validation
  • HMI Input Validation Review
  • HMI User Privileges
  • User Privileges
  • HMI User Privileges Review
  • PLC and HMI Programming
  • Video Walkthrough
  • PLC and HMI Programming
  • PLC/HMI Programming Review
  • PLC Endpoint Detection (Coming Soon)
  • PLC Endpoint Detection Background
  • PLC Endpoint Detection
  • Windows Logs
  • Windows Logs
  • Windows Logs Review
  • Windows Powershell
  • Windows Powershell
  • Powershell Review
  • Scanning for ICS Malware with YARA
  • Scanning for ICS Malware with YARA
  • YARA Review
  • Linux Logs
  • Linux Logs
  • Linux Logs Review
  • Linux SSH Configuration
  • Linux SSH Configuration
  • SSH Configuration Review
  • Linux Host Firewall
  • Linux Host Firewall
  • Linux Host Firewall Review
  • Chapter 3 Feedback
  • Discussion and Q&A
Completion rules
  • All units must be completed
  • Leads to a certificate with a duration: 3 years