CBROPS Labs
Lab Videos

TIPS:
I would definitely use the command text file provided by Cisco to copy and paste into fields as required.

Lab 1: Use NSM Tools
READ the Lab Guide carefully. Some parts, like Internet access, are not meant to be carried out in the lab.
When using SGUIL and selecting event IDs, running Transcript, be patient as it takes time to generate the output.
Towards the end of the lab I did not see as many entries as described in the lab for ELSA Task 5 onwards.

Lab 2: Explore Cryptographic Tech
READ the Lab Guide carefully. Some parts, like Internet access, are not meant to be carried out in the lab.

Lab 3: Explore TCP/IP Attacks

Lab 4: Explore Endpoint Security

Lab 5: Investigate Hacker Methodology
When using SGUIL and selecting event IDs, running Transcript, be patient as it takes time to generate the output.

Lab 6: Hunt Malicious Traffic
The lab works fine, but there are a lot of switches and searches that have to be inputted correctly.

Lab 7: Correlate Event Logs, PCAPs, and Alerts of an Attack

Lab 8: Investigate Browser-Based Attacks
Follow the lab guide carefully. It is easy in the lab to mistype or not fully read the lab guide. Some of the output will differ if this is the case.
Sometimes you also have to wait for entries to be added, i.e. mysql in ELSA.

Lab 9: Analyse Suspicious DNS Activity
Be really careful on Task 2 Step 4: there is a note about a backtick used in the command and the quote marks. Use the backtick, NOT the quote.
` = Backtick (UK keyboard, top left)
' = Quote (UK keyboard, bottom right)
Task 2 Step 9 shows different characters of the hex code, but it is the same content, i.e. confidential, as proved in Task 3.

Lab 10: Explore Security Data Analysis
READ the Lab Guide carefully. Some parts, like Internet access, are not meant to be carried out in the lab.

Lab 11: Investigate Suspicious Activity using Security Onion
READ the Lab Guide carefully. Some parts, like Internet access, are not meant to be carried out in the lab.

Lab 12: Investigate APTs
READ the Lab Guide carefully. Some parts, like Internet access, are not meant to be carried out in the lab.

Lab 13: Explore SOC Playbooks

Lab 14: Explore Windows O/S

Lab 15: Explore Linux O/S
You open many terminal sessions in the lab; keep track of which one you require for testing. Tip: look at the prompt in the terminal window.