The cadet team spent the first 10 lessons of the capstone working to re-design, build, and harden an inherited, insecure network. As the teams worked to design and clean up the breach, they eventually determined that the security breach in their sector may have been an inside job, noticing a hidden document (plans.txt attached) in the root directory of their system. This document describes a course of action from ex-employee Dr. Martin Brenner, domain administrator, to establish some sort of "gateway" into their IT infrastructure for data extraction. The scenario is a play on Netflix's "Stranger Things" that leads the cadets to both prepare for another attack and to search for backdoors on their systems. The teams must then prepare their systems for Dr. Brenner's return by monitoring their network using Wireshark and/or other tools. They need to establish some sort of logging to identify, track, and, hopefully, prevent Dr. Brenner's return should he follow through with his plans. At a minimum, they are required to establish network traffic monitoring (Wireshark or TCPDUMP) on their web and DNS servers as well as Linux users. They are also required to set up web traffic monitoring and basic system logging. In addition, they are recommended to enable DNS and MySQL logging and to establish real-time event notifications for bonus points.
↧
Cyber Security Engineering Capstone Project
↧