Applied Labs Content Overview

Applied Labs to Accompany Network Security, Firewalls, and VPNs

Lab #1: Analyzing Protocols with Wireshark

Lab #2: Using Wireshark and Netwitness Investigator to Analyze Wireless Traffic

Lab #3: Configuring a pfSense Firewall on the Client

Lab #4: Configuring a pfSense Firewall on the Server

Lab #5: Penetration Testing a pfSense Firewall

Lab #6: Using Social Engineering Techniques to Plan an Attack

Lab #7: Configuring a Virtual Private Network Server

Lab #8: Configuring a VPN Client for Secure File Transfer

Lab #9: Attacking a Virtual Private Network

Lab #10: Investigating and Responding to Security Incidents


Applied Labs to Accompany Fundamentals of Information Systems Security

Lab #1: Performing Reconnaissance and Probing Using Common Tools

Lab #2: Performing a Vulnerability Assessment

Lab #3: Enabling Windows Active Directory and User Access Controls

Lab #4: Using Group Policy Objects and Microsoft Baseline Security Analyzer for Change Control

Lab #5: Performing Packet Capture and Traffic Analysis

Lab #6: Implementing a Business Continuity Plan

Lab #7: Using Encryption to Enhance Confidentiality and Integrity

Lab #8: Perform a Web Site and Database Attack by Exploiting Identified Vulnerabilities

Lab #9: Eliminating Threats with a Layered Security Approach

Lab #10: Implementing an Information Systems Security Policy


Applied Labs to Accompany Access Control, Authentication, & Public Key Infrastructure

Lab #1: Configuring an Active Directory Domain Controller

Lab #2: Managing Windows Accounts and Organizational Units

Lab #3: Configuring Windows File System Permissions

Lab #4: Managing Group Policy Objects in Active Directory

Lab #5: Configuring Windows Firewall

Lab #6: Managing Linux Accounts

Lab #7: Configuring Linux File System Permissions

Lab #8: Encrypting and Decrypting Files with PKI

Lab #9: Authenticating Security Communications with Digital Signatures

Lab #10: Encrypting and Decrypting Web Traffic with HTTPS


Applied Labs to Accompany Security Policies and Implementation Issues

Lab #1: Crafting an Organization-Wide Security Management Policy for Acceptable Use

Lab #2: Developing an Organization-Wide Policy Framework Implementation Plan

Lab 3: Defining an Information Systems Security Policy Framework for an IT Infrastructure

Lab 4: Crafting a Layered Security Management Policy – Separation of Duties

Lab 5: Crafting an Organization-Wide Security Awareness Policy-BIA and Recovery Time

Lab #6: Defining a Remote Access Policy to Support Remote Health Care Clinics

Lab #7: Identifying Necessary Policies for Business Continuity – BIA and Recovery Time Objectives

Lab #8: Crafting a Security or Computer Incident Response Policy – CIRT Response Team

Lab 9: Assessing and Auditing an Existing IT Security Policy Framework Definition

Lab #10: Aligning an IT Security Policy Framework to the Seven Domains of a Typical IT Infrastructure


Applied Labs to Accompany Security Strategies in Windows Platforms and Applications

Lab #1: Implementing Access Controls with Windows Active Directory

Lab #2: Using Access Control Lists to Modify File System Permissions on Windows Systems

Lab #3: Configuring Bitlocker and Windows Encryption

Lab #4: Identifying and Removing Malware From Windows Systems

Lab #5: Managing Group Policy within the Microsoft Windows Environment

Lab #6: Creating a Scheduled Backup and Replicating System Folders

Lab #7: Securing Servers with the Security Configuration Wizard and the Windows Firewall

Lab #8: Securing Internet Client and Server Applications on Windows Systems

Lab #9: Protecting Digital Evidence, Documentation, and the Chain of Custody

Lab #10: Hardening Windows Server Security Using Microsoft Baseline Security Analyzer


Applied Labs to Accompany Hacker Techniques, Tools, and Incident Handling

Lab #1: Assessing and Securing Systems on a Wide Area Network (WAN)

Lab #2: Applying Encryption and Hashing Algorithms for Secure Communications

Lab #3: Data Gathering and Footprinting on a Targeted Website

Lab #4: Using Ethical Hacking Techniques to Exploit a Vulnerable Workstation

Lab #5: Attacking a Vulnerable Web Application and Database

Lab #6: Identifying and Removing Malware on a Windows System

Lab #7: Analyzing Network Traffic to Create a Baseline Definition

Lab #8: Auditing a Wireless Network and Planning for a Secure WLAN Implementation

Lab #9: Investigating and Responding to Security Incidents

Lab #10: Securing the Network with an Intrusion Detection System (IDS)


Applied Labs to Accompany Managing Risk in Information Systems

Lab  #1: Identifying Threats and Vulnerabilities in an IT Infrastructure

Lab  #2:  Aligning Risks, Threats, & Vulnerabilities to the COBIT P09 Risk Management Controls

Lab  #3:  Defining the Scope and Structure for an IT Risk Management Plan

Lab  #4:  Performing a Qualitative Risk Assessment for an IT

Lab  #5:  Identifying Risks, Threats, and Vulnerabilities in an IT Infrastructure Using Zenmap® GUI (Nmap) & Nessus® Reports

Lab  #6:  Developing a Risk-Mitigation Plan Outline for an IT

Lab  #7:  Performing a Business Impact Analysis for a Mock IT

Lab  #8:  Developing an Outline for a Business Continuity Plan for an IT Infrastructure

Lab  #9:  Developing Disaster Recovery Backup Procedures and Recovery Instructions

Lab  #10:  Creating a CIRT Response Plan for a Typical IT Infrastructure


Applied Labs to Accompany Legal Issues in Information Security

Lab  #1:  Creating an IT Infrastructure Asset List and Identifying Where Privacy Data Resides

Lab  #2:  Case Study on U.S. Veteran Affairs and Loss of Private Information

Lab  #3:  Case Study on PCI DSS Non-Compliance: CardSystems Solutions

Lab  #4:  Analyzing and Comparing GLBA and HIPAA

Lab  #5:  Case Study on Issues Related to Sharing Consumers’
Confidential Information

Lab  #6:  Identifying the Scope of Your State’s Data and Security Breach Notification Law

Lab  #7: Case Study on Digital Millennium Copyright Act: Napster

Lab  #8:  Cyberstalking or Cyberbullying and Laws to Protect Individuals

Lab  #9:  Recommending IT Security Policies to Help Mitigate Risk

Lab  #10:  Case Study on Computer Forensics: Pharmaceutical Company


Applied Labs to Accompany Auditing IT Infrastructure for Compliance

Lab  #1:  Assessing the Impact of Sarbanes-Oxley (SOX) Compliance Law on Enron

Lab  #2:  Aligning Auditing Frameworks for a Business Unit Within DoD

Lab  #3:  Defining a Process for Gathering Information Pertaining to a HIPAA Compliance Audit

Lab  #4:  Aligning an IT Security Assessment – Risk, Threats, and
Vulnerability Assessments – to Achieve Compliance

Lab  #5:  Defining a Process for Gathering Information Pertaining to a GLBA Compliance Audit

Lab  #6:  Auditing the Workstation Domain for Compliance

Lab  #7:  Auditing the LAN-to-WAN Domain for Compliance

Lab  #8:  Auditing the Remote Access Domain for Compliance

Lab  #9:  Auditing the Systems/Application Domain for Compliance

Lab  #10:  Charting Your Career Path – Professional Certifications


Applied Labs to Accompany Internet Security: How to Defend Against Attackers on the Web

Lab  #1:  Evaluating Web Server Vulnerabilities

Lab  #2:  Obtaining Personally Identifiable Information through Internet Research

Lab  #3:  Performing a Post-Mortem Review of a Data Breach Incident

Lab  #4:  Exploiting Known Web Vulnerabilities on a Live Web Server

Lab  #5:  Applying OWASP to a Web Security Assessment

Lab  #6:  Applying Regulatory Compliance Standards

Lab  #7:  Performing Dynamic and Static Quality Control Testing

Lab  #8:  Performing an IT and Web Application Security Assessment

Lab  #9:  Recognizing Risks and Threats Associated with Emerging Technologies

Lab  #10:  Implementing a Security Development Lifecycle (SDL) Plan


Applied Labs to Accompany System Forensics, Investigation, and Response

Lab  #1:  Applying the Daubert Standard to Forensic Evidence

Lab  #2:  Documenting a Workstation Configuration using Common
Forensic Tools

Lab  #3:  Uncovering New Digital Evidence Using Bootable Forensic

Lab  #4:  Creating a Forensic System Case File for Analyzing Forensic Evidence

Lab  #5:  Analyzing Images to Identify Suspicious or Modified Files

Lab  #6:  Recognizing the Use of Steganography in Image Files

Lab  #7:  Automating E-mail Evidence Discovery Using P2 Commander

Lab  #8:  Decoding an FTP Protocol Session for Forensic Evidence

Lab  #9:  Identifying and Documenting Evidence From a Forensic Investigation

Lab  #10:  Conducting an Incident Response Investigation for a Suspicious Login


Applied Labs to Accompany Security Strategies in Linux Platforms and Applications

Lab  #1:  Installing a Core Linux Operating System on a Server

Lab  #2:  Configuring Basic Security Controls on a Centos Linux Server

Lab  #3:  Hardening Security with User Account Management and Security Controls

Lab  #4:  Applying Hardened Linux File System Security Controls

Lab  #5:  Hardening Security for Linux Services and Applications

Lab  #6:  Hardening Security by Controlling Access

Lab  #7:  Hardening Security for the Linux Kernel

Lab  #8:  Applying Best Practices for Security Software Management

Lab  #9:  Applying Best Practices for Security Logging and Monitoring

Lab  #10:  Defining Linux OS and Application Backup and Recovery Procedures