Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Course Description
The cyber defender foundation capture the flag (CTF) has been designed to test and teach those responsible for detecting
and defending an organisation against a cyber-attack. The QA cyber lab offers a safe environment for IT and security teams
to develop their cyber defence skills and put to them to the test against the clock.
This is not for your elite 'hackathon# champions, this foundation CTF provides a learning platform for your multi-discipline
technical teams to work together collaborating as they would do in a real cyber-attack. During the event challenges are
released which requires the participants to navigate through systems, seeking vulnerabilities, exploiting, decrypting,
whatever it takes to find the flag. Talented individuals working in isolation can't defend an organisation successfully. Learn
the necessary cyber defence 'trade craft' skills, in our state of the art cyber lab, a fully immersive learning experience,
harnessing the talent within your teams to solve the challenges together before you have to do it for real.
Objectives
Delegates will be able to demonstrate the following:
Course Modules
Day One
◾ Delegates will learn the commands needed to navigate around a Linux System, from being able to locate a specific file
to killing running processes. Gaining the necessary skills and knowledge to not only know how to look but were to look
for signs of an attack, which will come in very useful as they progress through the rounds and are able to respond
swiftly to an incident. Knowing where to look is a key element in finding a flag for your team and delegates will be
shown the key places that a hacker may leave clues behind.
◾ Penetration tests allow system administrators and security professionals to identify vulnerabilities and weaknesses in
their systems and platforms which could be exploited by an attacker. Delegates will be taught how to conduct a
penetration test, testing for weak authentication, scanning remote services for vulnerabilities, exploitation of
vulnerabilities and patching those vulnerabilities.
Day Two
◾ Round one will require the delegates to use the commands learnt on the first day to navigate their way through a Linux
system finding all the flags in question, they will need to remember the command line to use to find what they are
looking for. This could be anything from the architecture to the operating system or even more specific hardware and
software elements to form a level of confidence when using Linux Command Line.
their team, all of which can be found using the expansive suite of tools with the Kali Linux environment. This round
engages both novices and experts covering tasks with varied difficulty. Each task requires the submission of a flag, the
goal being to submit maximum number of flags in the allocated time.
Prerequisites
There are no explicit predefined prerequisites required for the challenge event as the instructor will lead the delegates
through the event from the introductory modules to the more advanced tasks. However we recommend that delegates have
experience of Windows and Linux operating systems in a networked environment. CLI skills, which include the navigation of
file directories for both Windows and Linux. The ability to interrogate network systems for basic information such as IP
address and MAC address. Knowledge of network fundamentals (IP addressing, subnets, routing). Familiarity with TCP/IP
stack and the OSI Model and knowledge of common internet protocols.