Professional Documents
Culture Documents
Instructor Lab Manual
Instructor Lab Manual
Instructor Lab Manual
Objectives
Explore the career opportunities for cybersecurity professionals.
Explore the career requirements for cybersecurity professionals.
Part 1: Exploring Cybersecurity Jobs
Part 2: Cybersecurity Job Requirements
Background / Scenario
The cyber world is full of dangers and threats to individuals, organizations, and countries. These perils have
resulted in a major demand for individuals with the knowledge, skills, credentials, and ethics to protect our
people and systems. In this lab, you will explore the types of jobs available, job titles, job requirements, and
credentials required by the cybersecurity industry. The Internet is full of job search websites that can provide
you with information about careers in cybersecurity. Many of these websites are job search sites called job
aggregators. This means that they collect job postings from many other sites and organizations. In part one,
you will explore three of the world’s most popular job aggregator websites. In part two, you will discover the
requirements of cybersecurity jobs.
URL: http://burning-glass.com/infographic-geography-cybersecurity-jobs-2015/
Required Resources
• PC or mobile device with Internet access
____________________________________________________________________________________
____________________________________________________________________________________
The number of jobs will be listed at the top right hand corner and will vary for every search.
c. Do the same search but use the phrase information security. Record the number of jobs found. Did you
find more or less job postings? Why?
____________________________________________________________________________________
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 4
Lab – Cybersecurity Job Hunt
____________________________________________________________________________________
The number of jobs will be listed at the top right hand corner and will vary for every search. Different
phrases will match to different job titles listed in the Indeed database. It is good practice to try different
titles. Information security is a more common job title for individuals that work in the cybersecurity
profession.
d. Repeat these steps using the phrase network security for the third search. Record the number of jobs
found. Did you find more or less job postings? Why?
____________________________________________________________________________________
____________________________________________________________________________________
Different phrases will match to different job titles listed in the Indeed database. Network security is a
subset of information security, therefore you should find less jobs. The point is that your search criteria
can make a big difference in your results.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 4
Lab – Cybersecurity Job Hunt
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 4
Lab – Cybersecurity Job Hunt
Search the first page. Have the students share their findings. Discuss the difference between the different
federal agencies.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 4
Lab – Threat Identification (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Explore the security features used by organizations to keep data safe.
Part 1: Exploring the Threat of Cyberattacks
Part 2: CIA Triad
Background / Scenario
The threats posed by the cyber world are real. These threats have the potential to wreak havoc on life in a
computer centric world. Understanding these threats is important to everyone and in order to combat them,
the world needs committed individuals that can recognize threats, and outmaneuver and outsmart cyber
criminals. In order to develop the talent needed, organizations like CompTIA, Cisco Systems and ISC2 have
created programs to educate and certify cyber professionals.
Required Resources
• PC or mobile device with Internet access
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 3
Lab – Threat Identification
c. Have any of the potential threats portrayed in the video actually happened? Click here to learn more
about these attacks.
____________________________________________________________________________________
____________________________________________________________________________________
Answers will vary.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 3
Lab – Threat Identification
c. What is system availability? What can happen if a critical computer system is no longer available?
____________________________________________________________________________________
____________________________________________________________________________________
The cybersecurity principle of Availability states that information and information systems must be
available when needed. Availability systems must have properly functioning computing systems, services
and communication channels. Loss of availability can affect any services and access to data on the
systems. In the case of a bank system availability failure, a bank customer would not be able to deposit or
withdraw money to or from the bank.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 3
Lab - Exploring the World of Cybersecurity Professionals
(Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Explore the security features used by organizations like Google and Cisco to keep your data safe.
Part 1: Protecting Your Data
Part 2: Improving your Google Account Security
Background / Scenario
This chapter introduces the student to the cyber world. This cyber world is full of data kingdoms that handle
unimaginable amounts of personal and organizational information. As cybersecurity professionals, it is
important to understand the types of cybersecurity safeguards an organization must implement in order to
protect the data they store, manage, and protect. In this lab, you will explore one of the world’s largest data
handling organizations, Google. You will watch two videos and then answer a series of questions. Each video
presents a different aspect of cybersecurity defense at Google. Upon completion, you will have a better
understanding of the security measures and services that organizations like Google take in order to protect
information and information systems.
Videos:
How Google Protects Your Data
Security Key
Required Resources
• PC or mobile device with Internet access
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 3
Lab - Exploring the World of Cybersecurity Professionals
Access to a Google datacenter is tightly controlled. Only authorized personal are allowed to enter. The
security staff works 24 hours a day, seven days a week. The centers are guarded by security personnel
and 24-hour video monitoring. All personnel must check in at the reception area. The team at Google
does not allow outside visitors at its datacenter facilities.
c. How does Google protect customer data on a server system?
____________________________________________________________________________________
____________________________________________________________________________________
All data on Google systems are encrypted and stored in multiple locations. Google also uses data
randomizing to make it more difficult to locate data. All hard drives are monitored and tested regularly. If a
drive indicates signs of potential failure, it is swapped out before it fails. All retired drives are physically
destroyed.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 3
Lab - Exploring the World of Cybersecurity Professionals
b. What is a security key and what does it do? Can you use the security key on multiple systems?
____________________________________________________________________________________
____________________________________________________________________________________
A security key log is registered to your Google account, not a particular computer. You can use your
Security Key on any computer with Google Chrome.
c. Click here for common questions about the Security Key. If you set up your account to use a security key,
can you still get in without having the physical key?
____________________________________________________________________________________
____________________________________________________________________________________
Yes. If you are asked for a Security Key and do not have it available, you will always have the option to
use a verification code. Simply click the link at the bottom of the screen that says use verification code
instead.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 3
Lab – The Cybersecurity Sorcery Cube Scatter Quizlet (Instructor
Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Identify the three dimensions of the Cybersecurity Sorcery Cube and the elements of each dimension.
Required Resources
• PC or mobile device with Internet access
Background / Scenario
The McCumber Cube, developed by John McCumber in 1992 is a framework or model used to establish and
evaluate information and information systems security. The framework relies on the cybersecurity
professional to identify information assets with a focus on the core principles of cybersecurity; confidentiality,
integrity, and availability. The model is based on three dimensions, each having three elements.
Quizlet Review
Click on the Quizlet website and review the Cybersecurity Essentials - Cybersecurity
Sorcery Cube. You do not need to create an account on the site.
a. Review the list of terms and definitions.
b. Select the Flashcards icon. Test your knowledge by going through all ten flashcards.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 2
Lab – The Cybersecurity Sorcery Cube Scatter Quizlet
c. Click the Scatter option in the menu. When prompted, click to start the game.
d. Drag each term to its definition.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 2
Lab – Install a Virtual Machine on a Personal Computer (Instructor
Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Part 1: Prepare a Computer for Virtualization
Part 2: Import a Virtual Machine into VirtualBox Inventory
Background / Scenario
Computing power and resources have increased tremendously over the last 10 years. A benefit of having
multicore processors and large amounts of RAM is the ability to use virtualization. With virtualization, one or
more virtual computers can operate inside a single physical computer. Virtual computers that run within
physical computers are called virtual machines. Virtual machines are often called guests, and physical
computers are often called hosts. Anyone with a modern computer and operating system can run virtual
machines.
A virtual machine image file has been created for you to install on your computer. In this lab, you will
download and import this image file using a desktop virtualization application, such as VirtualBox.
Required Resources
• Computer with a minimum of 2 GB of RAM and 8 GB of free disk space
• High speed Internet access to download Oracle VirtualBox and the virtual machine image file
Note: The image file is about 2.5 GB, and can grow up to 5 GB after the virtual machine is in operation. While
you can delete the image file after the virtual machine is imported, the 8 GB free disk space requirement is for
users who decide to keep the image file.
Note: To install and run 64bit virtual machines on a host physical computer, the computer needs to be a 64bit
system and have hardware virtualization technology enabled in BIOS. If you are unable to install the virtual
machine image you may need to reboot your computer and enter setup mode in BIOS to enable hardware
virtualization technology under advanced system settings.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 3
Lab – Install a Virtual Machine on a Personal Computer
directory. This directory is then distributed as an OVA package. This package contains all of the OVF files
necessary for the deployment of the virtual machine. The virtual machine used in this lab was exported in
accordance with the OVF standard.
Click here to download the virtual machine image file.
Note: This file is 2.5 GB in size, and it may take over an hour to download, depending on the speed of your
Internet connection.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 3
Lab – Install a Virtual Machine on a Personal Computer
Reflection
What are the advantages and disadvantages of using a virtual machine?
_______________________________________________________________________________________
_______________________________________________________________________________________
_______________________________________________________________________________________
_______________________________________________________________________________________
With a virtual machine, you are able to test new applications or operating systems without affecting your host
machine. You are also able to save the current machine state when you close virtual machine. If you have
any issues, you have the option to revert the virtual machine to a previously saved state. On the other hand, a
virtual machine requires hardware resources from the host machine, such as hard drive space, RAM, and
processing power.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 3
Lab – Authentication, Authorization, and Accounting (Instructor
Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
• Given a scenario, select the appropriate authentication, authorization, or access control
• Install and configure security controls when performing account management, based on best practices
Part 1: Adding Groups, Users, and Passwords on a Linux System
Part 2: Verify Users, Groups, and Passwords
Part 3: Using Symbolic Permissions
Part 4: Absolute Permissions
Background / Scenario
You will be conducting host security practices using the Linux command line by performing the following
tasks:
• Adding Groups, Users, and Passwords
• Verifying Groups, Users, and Passwords
• Setting Symbolic Permissions
• Setting Absolute Permissions
Required Resources
• PC with Ubuntu 16.0.4 LTS installed in a VirtualBox or VMware virtual machine.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 12
Lab – Authentication, Authorization, and Accounting
Step 2: Escalate privileges to the root level by entering the sudo su command. Enter the
password password when prompted.
cisco@ubuntu:~$ sudo su
Step 3: Add a new group named HR by entering the command groupadd HR.
root@ubuntu:/home/cisco# groupadd HR
The new group HR will be added to the bottom of the /etc/group file with a group ID of 1005.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 12
Lab – Authentication, Authorization, and Accounting
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 12
Lab – Authentication, Authorization, and Accounting
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 12
Lab – Authentication, Authorization, and Accounting
Note: If you are unable to use tty1 terminal, return to graphical user interface (GUI) of the host by using
CTRL+ALT+F7 and open a terminal window in the GUI Ubuntu OS. At the prompt, enter su –l jenny at the
prompt and enter the password lasocial. Proceed to Step 4.
cisco@ubuntu:~$ su –l jenny
Step 2: Once on the Terminal login screen, type jenny and press Enter.
Step 3: When prompted for the password, type lasocial and press Enter.
Step 4: After a successful login, you will see the jenny@ubuntu:~$ prompt.
Since we are not logged in as the root (superuser), we are presented with the dollar sign instead of the #
if we were to be logged in as the user root.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 12
Lab – Authentication, Authorization, and Accounting
The Linux operating system has a total of 10 letters or dashes in the permissions fields:
o The first field is a dash for a file an a d for a directory
nd th
o The 2 through 4 fields are for the user
th th
o The 5 through 7 fields are for the group
th th
o The 8 through 10 fields are for others (accounts other than those in the group)
Step 9: Press and hold CTRL+ALT+F2 to switch to another Terminal session (tty2).
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 6 of 12
Lab – Authentication, Authorization, and Accounting
Step 10: Login as the user root with the password secretpassword.
Note: If you are unable to use tty2 terminal, return to graphical user interface (GUI) of the host by using
CTRL+ALT+F7 and open a terminal window in the GUI Ubuntu OS. At the prompt, enter sudo -i at the
prompt and enter the password password.
Step 12: Change the “other” permission on joe’s folder by making it non-executable.
root@ubuntu:/home# chmod o-x joe
Step 13: List the directories once more with their respective permissions.
root@ubuntu:/home# ls -l
Notice now that there are two dashes in the “others” field for joe’s folder.
Step 14: Press and hold CTRL+ALT+F1 to switch back to the other Terminal session (tty1).
Make sure you are viewing the following command prompt: jenny@ubuntu:/home$.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 7 of 12
Lab – Authentication, Authorization, and Accounting
chmod u+rwx Adds read, write, and execute permissions for the user
chmod u+rw Adds read and write permission for the user
Step 16: Type exit followed by pressing Enter to logout of the Terminal session.
Note: If you are unable to use tty1 terminal, return to graphical user interface (GUI) of the host by using
CTRL+ALT+F7 and open a terminal window in the GUI Ubuntu OS. At the prompt, enter sudo –l joe at
the prompt and enter the password tooth.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 8 of 12
Lab – Authentication, Authorization, and Accounting
Step 4: List all directories and their permissions in the current working directory.
joe@ubuntu:/home~$ ls -l
Notice that Joe’s folder is set so that “others” are not able to access the folder.
The other way of assigning permissions besides using symbolic permissions is the use of absolute
permissions. Absolute permissions use a three digit octal number to represent the permissions for owner,
group and other.
The table below outlines each absolute value and its corresponding permissions:
Number Permissions
1 Execute
0 None
By typing the command chmod 764 examplefile, the examplefile will be assigned the follow permissions:
o The user will get read, write and execute permissions
o The group will get read and write permissions
o Others will get read access
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 9 of 12
Lab – Authentication, Authorization, and Accounting
1-Read 1-Write
7 (user) 111
1-Execute
1-Read 1-Write
6 (group) 110
0-No Execute
1-Read
4 (others) 100 0-No Write
0-No Execute
Step 5: Modify the “others” field for Joe’s folder so that others will be able read and execute
but not write while still maintaining the “user” field to read, write, and execute.
joe@ubuntu:/home$ chmod 705 joe
Step 6: List the file permissions of the current directory to see that the absolute changes were
made.
joe@ubuntu:/home$ ls -l
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 10 of 12
Lab – Authentication, Authorization, and Accounting
b. While on the tty1 Terminal, log back in as jenny and enter the password lasocial. Press Enter.
Note: If you are unable to use tty1 terminal, return to graphical user interface (GUI) of the host by using
CTRL+ALT+F7 and open a terminal window in the GUI Ubuntu OS. At the prompt, enter su –l jenny at the
prompt and enter the password lasocial.
cisco@ubuntu:~$ su –l jenny
Step 11: Change to the /home/joe directory and list the content of the directory.
jenny@ubuntu:/home$ cd joe
jenny@ubuntu:/home/joe$ ls -l
Notice that we are able to enter Joe’s folder and read the files within the directory. We are able to see the
test.txt file.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 11 of 12
Lab – Authentication, Authorization, and Accounting
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 12 of 12
Lab – Detecting Threats and Vulnerabilities (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Use Nmap, a port scanner and network mapping tool to detect threats and vulnerabilities on a system.
Background / Scenario
Network Mapper, or Nmap, is an open source utility used for network discovery and security auditing.
Administrators also use Nmap for monitoring hosts or managing service upgrade schedules. Nmap
determines what hosts are available on a network, what services are running, what operating systems are
running, and what packet filters or firewalls are running.
Required Resources
• PC with Ubuntu 16.0.4 LTS installed in a VMware workstation.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 3
Lab – Detecting Threats and Vulnerabilities
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 3
Lab – Detecting Threats and Vulnerabilities
Using the –sV switch with the nmap command performs a version detection which you can use to
research vulnerabilities.
You captured the SSH keys for the host system. The command runs a set of scripts built into Nmap to test
specific vulnerabilities.
References
Nmap: https://nmap.org/
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 3
Lab – Using Steganography (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Use steganography to hide a document within a JPEG file.
Background / Scenario
Steghide is an open source steganography program that hides data in various types of files such as audio
and image files. You are going to hide a data file within an image file.
Required Resources
• PC with Ubuntu 16.04 Desktop LTS installed in a VirtualBox or VMware virtual machine
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 3
Lab – Using Steganography
h. You have embedded the document, secret.odt, into the image file, keyboard.jpg.
i. Open the files, secret.odt and keyboard.jpg. Did these files change? ____________________________
No. The files did not change.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 3
Lab – Using Steganography
d. You have extracted the file. Open the extracted secret.odt file with LibreOffice.
Could you open the file? Is the secret message the same as before?
____________________________________________________________________________________
The file can be opened and the message is the same as before.
References
Steghide: http://steghide.sourceforge.net/
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 3
Lab – Password Cracking (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Use a password cracking tool to recover a user’s password.
Background / Scenario
There are four user accounts, Alice, Bob, Eve, and Eric, on a Linux system. You will recover these passwords
using John the Ripper, an open source password cracking tool.
Required Resources
• PC with Ubuntu 16.04 Desktop LTS installed in a VirtualBox or VMware virtual machine.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 3
Lab - Password Cracking
cisco@ubuntu:~$ cd ~/Downloads/john-1.8.0/run
b. At the command prompt, enter the following command :
cisco@ubuntu:~/Downloads/john-1.8.0/run$ sudo ./unshadow /etc/passwd
/etc/shadow > mypasswd
This command will combine the /etc/passwd file where user accounts are stored, with the /etc/shadow file
where user passwords are stored, into a new file called “mypasswd”.
The program, John the Ripper, uses a predefined dictionary called password.lst with a standard set of
predefined “rules” for handling the dictionary and retrieves all password hashes of both md5crypt and
crypt type.
The results below display the passwords for each account.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 3
Lab - Password Cracking
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 3
Lab – Using Digital Signatures (Instructor Version)
Instructor Note: Have students pair up for this lab.
Objectives
Understand the concepts behind digital signature.
Part 1: Demonstrate the use of digital signatures.
Part 2: Demonstrate the verification of a digital signature.
Background / Scenario
A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital
message. A digital signature is the equivalent of a handwritten signature. Digital signatures can actually be far
more secure. The purpose of a digital signature is to prevent the tampering and impersonation in digital
communications. In many countries, including the United States, digital signatures have the same legal
significance as traditional forms of signed documents. The United States Government now publishes
electronic versions of budgets, laws, and congressional bills with digital signatures.
Required Resources
• PC or mobile device with Internet access
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 5
Lab – Using Digital Signatures
0xc8 0x93 0xa9 0x0d 0x8f 0x4e 0xc5 0xc3 0x64 0xec 0x86 0x9d 0x2b 0x2e 0xc9 0x21 0xe3 0x8b 0xab
0x23 0x4a 0x4f 0x45 0xe8 0x96 0x9b 0x98 0xbe 0x25 0x41 0x15 0x9e 0xab 0x6a 0xfb 0x75 0x9a 0x13
0xb6 0x26 0x04 0xc0 0x60 0x72 0x28 0x1a 0x73 0x45 0x71 0x83 0x42 0xd4 0x7f 0x57 0xd1 0xac 0x91
0x8c 0xae 0x2f 0x3b 0xd2 0x99 0x30 0x3e 0xe8 0xa8 0x3a 0xb3 0x5d 0xfb 0x4a 0xc9 0x18 0x19 0xfd 0x3f
0x0c 0x0a 0x1f 0x3d 0xa4 0xa4 0xfe 0x02 0x9d 0x96 0x2f 0x50 0x34 0xd3 0x95 0x55 0xe0 0xb7 0x2a
0x46 0xa4 0x9e 0xae 0x80 0xc9 0x77 0x43 0x16 0xc0 0xab 0xfd 0xdc 0x88 0x95 0x05 0x56 0xdf 0xc4
0xfc 0x13 0xa6 0x48 0xa3 0x3c 0xe2 0x87 0x52 0xc5 0x3f 0x0c 0x0d
Click here to use the online RSA tool to verify the authenticity of Alice’s digital signature.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 5
Lab – Using Digital Signatures
a. Copy and paste the public and private keys from Table 1 above into the Public Modulus and Private
Exponent boxes on the website as shown in the picture above.
b. Make sure the Public Exponent is 10001.
c. Paste Alice’s digital signature from Table 2 in the box labeled text on the website as shown above.
d. Now BOB can verify the digital signature by clicking the Verify button near the bottom center of the
website. Whose signature is identified?
____________________________________________________________________________________
Alice’s name should be displayed.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 5
Lab – Using Digital Signatures
0x6c 0x99 0xd6 0xa8 0x42 0x53 0xee 0xb5 0x2d 0x7f 0x0b 0x27 0x17 0xf1 0x1b 0x62 0x92 0x7f 0x92
0x6d 0x42 0xbd 0xc6 0xd5 0x3e 0x5c 0xe9 0xb5 0xd2 0x96 0xad 0x22 0x5d 0x18 0x64 0xf3 0x89 0x52
0x08 0x62 0xe2 0xa2 0x91 0x47 0x94 0xe8 0x75 0xce 0x02 0xf8 0xe9 0xf8 0x49 0x72 0x20 0x12 0xe2
0xac 0x99 0x25 0x9a 0x27 0xe0 0x99 0x38 0x54 0x54 0x93 0x06 0x97 0x71 0x69 0xb1 0xb6 0x24 0xed
0x1c 0x89 0x62 0x3d 0xd2 0xdf 0xda 0x7a 0x0b 0xd3 0x36 0x37 0xa3 0xcb 0x32 0xbb 0x1d 0x5e 0x13
0xbc 0xca 0x78 0x3e 0xe6 0xfc 0x5a 0x81 0x66 0x4e 0xa0 0x66 0xce 0xb3 0x1b 0x93 0x32 0x2c 0x91
0x4c 0x58 0xbf 0xff 0xd8 0x97 0x2f 0xa8 0x57 0xd7 0x49 0x93 0xb1 0x62
Public Key A string of 256 hexadecimal characters will be displayed for both the public and
private keys. The keys will be different from one another.
Private key A string of 256 hexadecimal characters will be displayed for both the public and
private keys. The keys will be different from one another.
e. Now type in your full name into the box labeled Text and click Sign.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 5
Lab – Using Digital Signatures
Personal Digital A string of characters with this format will be displayed. 0x23 0x90 …….
Signature
Step 1: Exchange your new public and private keys in Table-5 with your lab partner.
a. Record your lab partner’s public and private RSA keys from their Table-5.
b. Record both keys in the table below.
Table 7- Lab Partners RSA Keys
Public key A string of 256 hexadecimal characters will be displayed for both the public
and private keys. The keys will be different from one another.
Private key A string of 256 hexadecimal characters will be displayed for both the public
and private keys. The keys will be different from one another.
c. Now exchange their digital signature from their Table-6. Record the digital signature in the table below.
Lab Partner’s A string of characters with this format will be displayed. 0x23 0x90 …….
Digital Signature
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 5
Lab – Remote Access (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Compare SSH and Telnet for accessing a remote host.
Background / Scenario
You will use SSH and Telnet to establish remote connections to a host. SSH is a secure method for remotely
accessing an SSH host. Telnet is an insecure method for accessing a Telnet host.
Required Resources
• PC with Ubuntu 16.04 Desktop LTS installed in a VirtualBox or VMware virtual machine.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 3
Lab – Remote Access
b. You are prompted for a login account and password for an account that exists on the host:
Ubuntu login: cisco
Password: password
You have successfully logged into your own machine using Telnet.
c. At the command prompt, enter the following command to exit this Telnet session:
cisco@ubuntu:~$ exit
Note: If this is the first time connecting with SSH, the security keys will need to be saved to the system. If
you are prompted as to whether to proceed, type yes to proceed with the connection.
b. Use the password password for the user cisco.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 3
Lab – Remote Access
Note: If you did not receive a new IP address, click the network icon ( ). Disconnect and reconnect
the wired connection.
b. Repeat the SSH and Telnet commands but this time instead of localhost use your partner’s IP address.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 3
Lab – Hardening a Linux System (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
Demonstrate the use of a security auditing tool to harden a Linux system.
Background / Scenario
Auditing a system for potential misconfigurations or unprotected services is an important aspect of system
hardening. Lynis is an open source security auditing tool with an automated set of scripts developed to test a
Linux system.
Required Resources
• PC with Ubuntu 16.04 Desktop LTS installed in a VirtualBox or VMware virtual machine.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 5
Lab – Hardening a Linux System
b. At the command prompt, enter the following command and enter the password password when
prompted:
cisco@ubuntu:~/Dowloads/lynis$ sudo ./lynis update info
This command verifies that this is the latest version and updates for the tool at the time of writing of this
lab.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 5
Lab – Hardening a Linux System
As displayed above, the tool will begin auditing using the user cisco as the auditor.
Notice: You will receive warnings.
b. To continue with each stage of the audit press Enter. You will receive warnings as shown below.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 5
Lab – Hardening a Linux System
d. You will receive a notification for any configuration that is weak as shown below:
e. You will receive detailed security enhancement suggestions as well as a final summary which provides
the location where you can find the log file.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 5
Lab – Hardening a Linux System
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 5