Introduction
In today’s world where each and every device requires connection to the cyberspace makes everyone more susceptible to cyber-attacks. Whether you want to build a career as a professional in cyber security, or just interested in protecting yourself online and in social media, GMI Cyber Security Technology Centre is the answer.
The Cyber Security Technology Centre offers hands-on experience in learning what cybersecurity is and its potential impact to human, to comprehend the most common threats, attacks and vulnerabilities and to gain insights on how businesses protect their operations from cyberattacks.
Objectives
The purpose of Cyber Security Technology Centre is to apply the concepts of cyber security in forms of hands-on exercises that are crucial for a successful career as a cyber-security specialist. These real lab exercises provide an excellent hands-on component to emphasize theoretical materials. The centre lab exercises provide four types of procedures focusing on different environments:
i. Lab Group for Enterprise Network Security Systems
ii. Lab Group for Industrial Cyber Security Systems
iii. Lab Group for Medical Network Security
iv. Lab Group for Ethical Hacking Tools
Facilities
In this lab, participants can configure different enterprise networking security settings. The procedures in this lab will involve multiple routers, switches and ASA Firewall.
Specifications and services:
Cisco ASA 5515-X Firewall, Cisco Switch Catalyst 2960, and Cisco Router 2911
- To perform firewall commands and enable firewall functionality
- To create a Demilitarized Zone (DMZ) for security
- To perform Telnet to the Cisco switch and navigate command line interface (CLI)
- To perform Telnet for VLAN operations and to perform Inter-VLAN routing
- To perform router security using different levels of encryption
- To perform Inter-VLAN routing
- To create Access Control List (ACL) for security
In this lab, participants can examine the level of knowledge required to exploit the vulnerability of this type of configuration, such as the vulnerability of Automated Processes, Programmable Logic Controller (PLC), Smart Grids, Structural Security, Grid Networks and WANs and HANs.
Participants will be able to familiarize with the components of PLC and conduct a DoS attact, and to create a DMZ as a defence in depth strategy. The Industrial Process Panel is consisting of Elevator Conveyor Motor, wireless router, and PLC.
In this lab, participants will create and transport patients’ records while observing legal requirements using the server system and a wireless router.
Specifications and services:
Hand-held data logger and Wireless Heart Rate Sensor and Medical Notebook PC
- To configure and verify the operation of the remote wireless sensor using Bluetooth communications
- To perform packet sniffing application (Wireshark)
4. Lab Group for: Ethical Hacking Tools
In this lab, participants will be introduced to a number of different tools commonly used by hackers to attack and defend IT and ICS system, such as Port Scanners, Packet Sniffers, Packet Construction tools, Network Analysers, Penetration Testers, and Network Traffic Probes.
Specifications & services:
Marcraft Cyber Security Server System (Window server 2012) – Kali Virtual Machine (KVM)
- To demonstrate the use of Social Engineering Toolkit to harvest passwords
- To utilize and understand the differences between a MITM attack, DNS spoofing, and ARP poisoning.
- To explore and investigate the result of a Denial of Service (DoS) – To operate Metasploit to discover Windows password hashes.
- To demonstrate the ability to crack Windows passwords from their hashes using John the Ripper.
- To perform protocol sniffing.
- To configure keylogging software to avoid detection and provide plain-text keystrokes from a user.
- To perform various Social Engineering attacks such as Shoulder Surfing, Eavesdropping, Tailgating and Dumpster Diving.
- To explore GUI based Remote Access Trojans.
- To demonstrate exploiting Windows OS vulnerability.
All of these as a part of our lab to apply for Ethical Hacking tools. Participants will be able to perform some activities such as:
• Black, White & Gray Hats
• The Lockheed Martin Cyber Kill Chain
• Social Engineering
• IP Header Manipulation
• Session Hijacking
• ARP Spoofing & SQL Injection
• Ping Flood & Smurf Attacks
• Password Attacks
• Wardriving
• WEP/WPA Key Cracking
• Documentation & Reporting
• Network Port Scanning
• The Pentest Process
• Defending Against IP Spoofing
• MAC Spoofing & Flooding
• Man-in-the-Middle
Products/Services
Our highly skilled and trained personnel from the GMI Cyber Security Centre will provide extensive and comprehensive training to equip participants with the technical know-how in operating network devices, configuration, troubleshooting as well as the security aspects of deploying them to their existing network at the workplace.