
VM Configuration

The document outlines a comprehensive training plan for the ISAC-PH Certified Information Security Operator (ICISO) program, covering various domains such as Network Essentials, Windows Essentials, Linux Essentials, BASH and PowerShell Scripting, and Application and System Hardening Principles. Each domain includes specific topics and skills to be developed, such as network connectivity, protocol analysis, scripting, and security practices. Additionally, it provides references for evaluation tools and virtual machine configurations necessary for the training.

Uploaded by

alisandabfatimah

Network Essentials

Training Plan:
ICISO Domain 1: Network Essentials

Access and Connectivity
• Hypervisor Setup (VirtualBox, VMWare)
• Virtual Machine Configuration
• Network Interface Configuration

Architecture and Troubleshooting
• IP Addressing and Network Ranges
• Dynamic Host Configuration Protocol (DHCP)
• Domain Name System (DNS)
• Fully-Qualified Domain Name (FQDN)
• Hosts file
• Network Routing and Switching
• Subnetting and Firewalling
• Network Address Translation (NAT)
• Port Forwarding

Protocol Analysis and Operational Visibility
• Network-level Protocols
• Domain-level Protocols
• Application Protocols
• Packet Carving
• Uniform Resource Locator (URL) Structure
• Network Mapping Methodology

Network Traffic Inspection and Deceptive Defense
• Traffic Encryption and Interception Proxies
• Network Intrusion Detection with Security Onion
• Honeypots and Canarytokens
• OSINT and Geolocation Tracking with Siyasat Linux

ISAC-PH
Training Plan:
ISAC-PH Certified Information Security Operator (ICISO)
Duration: ~20 days

Domain 1: Network Essentials
• Access and Connectivity
• Architecture and Troubleshooting
• Protocol Analysis and Operational Visibility
• Network Traffic Inspection and Deceptive Defense

Domain 2: Windows Essentials
• Command Line and PowerShell
• Windows Registry
• Processes, Services and File System
• Windows Active Directory and Networking
• Windows Security and Authentication

Domain 3: Linux Essentials
• Local and Remote Shells
• Processes, Services and File System
• Networking and Accounts
• Boot Process
• Logging and Security

Domain 4: BASH and PowerShell Scripting
• Character and Text Encoding
• Encryption and Obfuscation
• Components of a Script
• Bash Scripting
• PowerShell Scripting

Domain 5: Application and System Hardening Principles
• Authentication and Authorization
• I/O Operations and User Sessions
• Auditing and Logging
• Access Controls and Permissions
• Additional References and Resources

Domain 6: Tradecraft Specialization Pathways
• Information Security Domains
• Operational Teams

Training Plan:
ICISO Domain 2: Windows Essentials

Command Line and PowerShell
• Basic commands
• Registry commands
• Process commands
• Filesystem commands
• Networking commands
• Security commands

Windows Registry
• Registry Components, Hierarchy and Subtrees
• Important Registry Locations
• Registry Manipulation

Windows Processes and Services
• Components, Steps, Properties, and Drivers
• Dynamic Link Libraries (DLLs) and Process Handles
• Services and Process Interrogation

Windows Filesystem
• Formats and Hierarchy
• Navigation and Permissions
• Manipulation and File Times

Windows Active Directory and Networking
• AD Overview and Basic Principles
• Organizational Units (OUs)
• Group Policy Objects (GPOs)
• Kerberos
• Network Architecture
• Sockets, RPC, Named Pipes, NetBIOS/NBT, SMB

Windows Authentication and Security
• Interactive Logon Process
• Authentication Flow
• SAM file and NTLM hashes

Training Plan:
ICISO Domain 3: Linux Essentials

Local and Remote Shells
• Shell Environments, History, and Shortcuts
• Secure SHell (SSH)

Linux Processes and Services
• User Processes and File Descriptors
• Process Chaining and Pipelining
• Shell Redirection and Job Control
• Daemons and Services
• Process Interrogation

Linux Filesystem
• Formats and Hierarchy
• Navigation and Permissions
• Manipulation and File Times

Networking and Accounts
• Networking Commands
• Managing Users and Groups
• PAM and Centralized Authentication

Boot Process and Kernel Modules
• Bootloaders
• Init Daemons
• Kernel changes and modules

Logging and Security
• Time synchronization
• Logging Daemons and Log File Locations
• Audit Daemon
• Discretionary and Mandatory Access Control
• ACL and Extended Attributes
• SELinux, AppArmor, Process Isolation

Training Plan:
ICISO Domain 4: BASH and PowerShell Scripting

Character and Text Encoding
• Text Editors
• Number Systems (Binary, Octal, Decimal, Hex)
• Character Sets (ASCII, UTF-8, BaseN)

Encryption and Obfuscation
• Code Obfuscation via Text Encoding
• Asymmetric Encryption (TLS, ECDSA, RSA)
• Symmetric Encryption (AES, DES)
• Encoding and Encryption with CyberChef

Scripting Basics
• Script writing process
• String manipulation
• Execution context and flow
• One-liners vs Scripts

Components of a Script
• Conditions and Operators
• Output
• Variables and Data types
• Input arguments
• Declarations and functions

Bash Scripting
• Basic commands
• Writing basic scripts
• Writing a log parsing script
• Writing a host assessment script

PowerShell Scripting
• Basic commands
• Writing basic scripts
• Writing a log parsing script
• Writing a host assessment script

Access and Connectivity: Pre-requisites
Required Tools
Imported Virtual Machines
Required Virtual Machines

Access and Connectivity: VirtualBox VM Configuration

Access and Connectivity: VirtualBox Network Configuration

Access and Connectivity: Host Network Configuration
Uncheck IPv4 & IPv6
Same setup for Ethernet 4

Access and Connectivity: VirtualBox Network Configuration
Proper Configuration:
IPv4 == 0.0.0.0/0
IPv6 == <blank>

Operational Visibility: Lab Environment

Operational Visibility: Using the VirtualBox Host as a Probe
192.168.112.1/24
192.168.224.1/24
10.0.3.100/24
192.168.68.x/24

Reference: Microsoft Evaluation Center

Windows Server 2016, 2019, and 2022 Evaluation
• https://www.microsoft.com/en-us/evalcenter/download-windows-server-2022
• https://www.microsoft.com/en-us/evalcenter/download-windows-server-2019
• https://www.microsoft.com/en-us/evalcenter/download-windows-server-2016

Windows SQL Server 2016, 2019, 2022 Evaluation
• https://www.microsoft.com/en-us/evalcenter/download-sql-server-2022
• https://www.microsoft.com/en-us/evalcenter/download-sql-server-2019
• https://www.microsoft.com/en-us/evalcenter/download-sql-server-2016

System Center 2022 Evaluation
• https://www.microsoft.com/en-us/evalcenter/download-system-center-2022

Windows 10, 11 Enterprise Evaluation
• https://www.microsoft.com/en-us/evalcenter/download-windows-11-enterprise
• https://www.microsoft.com/en-us/evalcenter/download-windows-10-enterprise

Windows Admin Center Evaluation
• https://www.microsoft.com/en-us/evalcenter/download-windows-admin-center

Microsoft Endpoint Configuration Manager Evaluation
• https://www.microsoft.com/en-us/evalcenter/download-microsoft-endpoint-configuration-manager
