Virtual Security Cloud Lab for IE 4382/5382 Cybersecurity for Information Systems Sindhuri Juturu Department of Computer Science Texas Tech University Lubbock, Texas [email protected] Susan D. Urban, Ph.D. Department of Industrial Engineering [email protected] This research was supported by the National Science Foundation (Grant No.1241735). Opinions, findings, and conclusions/recommendations are those of the authors and do not necessarily reflect the views of the NSF. 5/1/15 TTU Faculty Workshop on Cybersecurity for Critical Infrastructure 1

Upload: shannon-carroll

Post on 25-Dec-2015


Virtual Security Cloud Lab for IE 4382/5382 Cybersecurity for Information Systems

Sindhuri Juturu
Department of Computer Science
Texas Tech University
Lubbock, Texas
[email protected]

Susan D. Urban, Ph.D.
Department of Industrial Engineering
[email protected]

This research was supported by the National Science Foundation (Grant No.1241735). Opinions, findings, and conclusions/recommendations are those of the authors and do not necessarily reflect the views of the NSF.


Virtual Security Cloud Lab Version 2.0

Accompanies Fundamentals of Information Systems Security, by D. Kim and M. Solomon, Jones & Bartlett, Information Systems Security & Assurance Series, 2014.

Hands-on lab in a cloud computing environment using cutting-edge technology

Students can test their skills with realistic security scenarios that they will encounter in their careers

The mock IT infrastructure was designed to mimic a real-world IT infrastructure consisting of the seven domains of a typical IT infrastructure

Each lab provides learning objectives, step-by-step instructions, evaluation criteria, and lab assessment questions


VSCL Mock IT Infrastructure

From Fundamentals of Information Systems Security, D. Kim and E. Solomon, 2nd Edition, Jones and Bartlett, 2014.


VSCL Lab Topics

Performing Reconnaissance and Probing Using Common Tools
Tools: Zenmap, NetWitness Investigator, Wireshark, Putty, FileZilla, OpenVAS

Performing a Vulnerability Assessment
Tools: OpenVAS, Zenmap

Enabling Windows Active Directory and User Access Controls
Tools: Active Directory Domain Services, Group Policy Object Editor

Using Group Policy Objects and MS Baseline Security Analyzer for Change Control
Tools: Microsoft Baseline Security Analyzer, Group Policy Object Editor

Performing Packet Capture and Traffic Analysis
Tools: NetWitness Investigator, Wireshark, Putty, FileZilla, Tftpd64


VSCL Topics

Implementing a Business Continuity Plan
Tools: vi Editor, wbadmin GUI, PowerShell Command Window, Windows 2012 Server Manager

Using Encryption to Enhance Confidentiality and Integrity
Tools: FileZilla, GPG4Win (Kleopatra)

Performing a Website and Database Attack by Exploiting Identified Vulnerabilities
Tools: Damn Vulnerable Web Application (DVWA)

Eliminating Threats with a Layered Security Approach
Tools: AVG, FileZilla Server, Windows Server Manager

Implementing an Information Systems Security Policy
Tools: Power Broker Identity Services Open (PBIS), Putty, vi Editor


Learning Objectives

Learning objectives of Lab 1, for example:

Explore common network scanning and analysis tools

Perform network reconnaissance and probing on the machines in the Lab

Perform an Intense scan on an entire subnetwork (172.30.0.0/24) using Zenmap

Create a Fisheye Bubble chart to explain the relationships between devices on a network

Explain how attackers use the network scanning and analysis tools to compromise networks
