
Practice the Skills Essential for a Successful Career in Cybersecurity!

This hands-on guide contains more than 90 labs that challenge you to solve real-world problems and help you to master key cybersecurity concepts. Clear, measurable lab results map to exam objectives, offering direct correlation to Principles of Computer Security: CompTIA Security+™ and Beyond, Sixth Edition (Exam SY0-601). For each lab, you will get a complete materials list, step-by-step instructions and scenarios that require you to think critically. Each chapter concludes with Lab Analysis questions and a Key Term quiz. Beyond helping you prepare for the challenging exam, this book teaches and reinforces the hands-on, real-world skills that employers are looking for.

In this lab manual, you’ll gain knowledge and hands-on experience with

  • Linux systems administration and security
  • Reconnaissance, social engineering, phishing
  • Encryption, hashing
  • OpenPGP, DNSSEC, TLS, SSH
  • Hacking into systems, routers, and switches
  • Routing and switching
  • Port security, ACLs
  • Password cracking
  • Cracking WPA2, deauthentication attacks, intercepting wireless traffic
  • Snort IDS
  • Active Directory, file servers, GPOs
  • Malware reverse engineering
  • Port scanning
  • Packet sniffing, packet crafting, packet spoofing
  • SPF, DKIM, and DMARC
  • Microsoft Azure, AWS
  • SQL injection attacks
  • Fileless malware with PowerShell
  • Hacking with Metasploit and Armitage
  • Computer forensics
  • Shodan
  • Google hacking
  • Policies, ethics, and much more

Table of Contents

  1. Cover
  2. About the Author
  3. Title Page
  4. Copyright Page
  5. Dedication
  6. Contents at a Glance
  7. Contents
  8. Acknowledgments
  9. Introduction
  10. Additional Resources for Teachers
  11. Chapter 1 Introduction and Security Trends
    1. Lab Exercise 1.01: Staying Current with Industry
    2. Lab Exercise 1.02: Cyber Threat Maps
    3. Lab Exercise 1.03: Cybersecurity Survey
    4. Lab Exercise 1.04: Building the Virtual Lab
    5. Lab Analysis
    6. Key Term Quiz
  12. Chapter 2 General Security Concepts
    1. Lab Exercise 2.01: Verizon DBIR
    2. Lab Exercise 2.02: Linux File System Management
    3. Lab Exercise 2.03: Linux Systems Administration
    4. Lab Exercise 2.04: Linux System Security
    5. Lab Analysis
    6. Key Term Quiz
  13. Chapter 3 Operational and Organizational Security
    1. Lab Exercise 3.01: Policies
    2. Lab Exercise 3.02: Training Documentation
    3. Lab Exercise 3.03: Interoperability Agreements
    4. Lab Analysis
    5. Key Term Quiz
  14. Chapter 4 The Role of People in Security
    1. Lab Exercise 4.01: The Social-Engineer Toolkit
    2. Lab Exercise 4.02: Phishing Tests
    3. Lab Exercise 4.03: Reconnaissance Through Open-Source Intelligence
    4. Lab Analysis
    5. Key Term Quiz
  15. Chapter 5 Cryptography
    1. Lab Exercise 5.01: Symmetric Key Encryption
    2. Lab Exercise 5.02: Asymmetric Key Encryption
    3. Lab Exercise 5.03: Hashing
    4. Lab Exercise 5.04: Diffie-Hellman Key Exchange
    5. Lab Analysis
    6. Key Term Quiz
  16. Chapter 6 Applied Cryptography
    1. Lab Exercise 6.01: Apple vs. FBI
    2. Lab Exercise 6.02: Australia’s Assistance and Access Bill
    3. Lab Exercise 6.03: To Serve Man
    4. Lab Exercise 6.04: E-mail Cryptography
    5. Lab Analysis
    6. Key Term Quiz
  17. Chapter 7 Public Key Infrastructure
    1. Lab Exercise 7.01: DNSSEC for Security
    2. Lab Exercise 7.02: DNSSEC for Exploiting
    3. Lab Exercise 7.03: TLS in Action
    4. Lab Analysis
    5. Key Term Quiz
  18. Chapter 8 Physical Security
    1. Lab Exercise 8.01: Linux Password Recovery
    2. Lab Exercise 8.02: Cisco Router Password Recovery
    3. Lab Exercise 8.03: Cisco Switch Password Recovery
    4. Lab Analysis
    5. Key Term Quiz
  19. Chapter 9 Network Fundamentals
    1. Lab Exercise 9.01: Switch Configuration
    2. Lab Exercise 9.02: Router Configuration
    3. Lab Exercise 9.03: Passwords and SSH
    4. Lab Analysis
    5. Key Term Quiz
  20. Chapter 10 Infrastructure Security
    1. Lab Exercise 10.01: Port Security on Switches
    2. Lab Exercise 10.02: Standard ACLs on Routers
    3. Lab Exercise 10.03: Extended ACLs on Routers
    4. Lab Analysis
    5. Key Term Quiz
  21. Chapter 11 Authentication and Remote Access
    1. Lab Exercise 11.01: Dictionary Attacks on Linux Passwords with John the Ripper
    2. Lab Exercise 11.02: Brute Force Attacks on Linux Passwords with crunch and John the Ripper
    3. Lab Exercise 11.03: Dictionary Attacks and Brute Force Attacks on Windows Passwords with Mimikatz, crunch, and John the Ripper
    4. Lab Exercise 11.04: Rainbow Table Attacks on Windows Passwords with ophcrack
    5. Lab Analysis
    6. Key Term Quiz
  22. Chapter 12 Wireless Security and Mobile Devices
    1. Lab Exercise 12.01: Wireless Network and Device Detection
    2. Lab Exercise 12.02: Monitor Mode Sniffing
    3. Lab Exercise 12.03: Cracking WPA2 Passwords and Deauthenticating Clients with Wifite
    4. Lab Analysis
    5. Key Term Quiz
  23. Chapter 13 Intrusion Detection Systems and Network Security
    1. Lab Exercise 13.01: Installing Ubuntu and Snort
    2. Lab Exercise 13.02: Snort Sniffer Mode
    3. Lab Exercise 13.03: Snort Packet Logger Mode
    4. Lab Exercise 13.04: Snort Network Intrusion Detection System Mode
    5. Lab Analysis
    6. Key Term Quiz
  24. Chapter 14 System Hardening and Baselines
    1. Lab Exercise 14.01: Active Directory Domain Services and Domain Connectivity
    2. Lab Exercise 14.02: Organizational Units and Groups
    3. Lab Exercise 14.03: Users and Other Active Directory Objects
    4. Lab Exercise 14.04: Permissions and Shares
    5. Lab Exercise 14.05: Group Policy Objects
    6. Lab Analysis
    7. Key Term Quiz
  25. Chapter 15 Types of Attacks and Malicious Software
    1. Lab Exercise 15.01: Strings
    2. Lab Exercise 15.02: UPX
    3. Lab Exercise 15.03: PEview and Resource Hacker
    4. Lab Exercise 15.04: VirusTotal
    5. Lab Exercise 15.05: Regshot
    6. Lab Exercise 15.06: Process Monitor
    7. Lab Exercise 15.07: ApateDNS
    8. Lab Analysis
    9. Key Term Quiz
  26. Chapter 16 Security Tools and Techniques
    1. Lab Exercise 16.01: Port Scanning with Nmap
    2. Lab Exercise 16.02: Sockets with netcat (nc) and ncat
    3. Lab Exercise 16.03: Packet Crafting with hping3
    4. Lab Exercise 16.04: Packet Crafting with Scapy
    5. Lab Analysis
    6. Key Term Quiz
  27. Chapter 17 Web Components, E-mail, and Instant Messaging
    1. Lab Exercise 17.01: E-mail Headers
    2. Lab Exercise 17.02: SPF, DKIM, and DMARC
    3. Lab Analysis
    4. Key Term Quiz
  28. Chapter 18 Cloud Computing
    1. Lab Exercise 18.01: Microsoft Azure Training
    2. Lab Exercise 18.02: Exploring Microsoft Azure
    3. Lab Exercise 18.03: AWS Educate and AWS Training and Certification
    4. Lab Exercise 18.04: Exploring AWS
    5. Lab Analysis
    6. Key Term Quiz
  29. Chapter 19 Secure Software Development
    1. Lab Exercise 19.01: Configuring WampServer and DVWA
    2. Lab Exercise 19.02: SQL Injection
    3. Lab Analysis
    4. Key Term Quiz
  30. Chapter 20 Risk Management
    1. Lab Exercise 20.01: PowerShell Script Settings
    2. Lab Exercise 20.02: PowerShell Exploitation
    3. Lab Analysis
    4. Key Term Quiz
  31. Chapter 21 Business Continuity, Disaster Recovery, and Change Management
    1. Lab Exercise 21.01: Business Continuity
    2. Lab Exercise 21.02: Disaster Recovery
    3. Lab Exercise 21.03: Change Management
    4. Lab Analysis
    5. Key Term Quiz
  32. Chapter 22 Incident Response
    1. Lab Exercise 22.01: Incident Response Companies and Stories
    2. Lab Exercise 22.02: Metasploit Framework
    3. Lab Exercise 22.03: Metasploit’s Meterpreter
    4. Lab Exercise 22.04: Armitage
    5. Lab Analysis
    6. Key Term Quiz
  33. Chapter 23 Computer Forensics
    1. Lab Exercise 23.01: Windows Registry Forensics
    2. Lab Exercise 23.02: Digital Evidence in RAM and on the Hard Drive
    3. Lab Exercise 23.03: Steganography
    4. Lab Exercise 23.04: Imaging, Recovering Deleted Files, File Signatures, and Analyzing Images
    5. Lab Analysis
    6. Key Term Quiz
  34. Chapter 24 Legal Issues and Ethics
    1. Lab Exercise 24.01: ACM Ethics
    2. Lab Exercise 24.02: USENIX Ethics
    3. Lab Exercise 24.03: Ethical Scenarios
    4. Lab Exercise 24.04: Copyright
    5. Lab Exercise 24.05: Creative Commons
    6. Lab Exercise 24.06: FSF and GNU
    7. Lab Analysis
    8. Key Term Quiz
  35. Chapter 25 Privacy
    1. Lab Exercise 25.01: Shodan
    2. Lab Exercise 25.02: Insecam
    3. Lab Exercise 25.03: Google Hacking
    4. Lab Analysis
    5. Key Term Quiz
  36. Index