
Cybersecurity Final Project

Difficulty

  • intermediate

Average duration

3 hrs

Technologies



🌱 How to Start This Project

For this final project, you will assume the role of a cybersecurity analyst responsible for restoring and protecting a critical server that has been compromised at 4Geeks Academy. You will be provided with a hacked machine that simulates a key company server, and your task will be to re-establish its security, fix the exploited vulnerabilities, and ensure its optimal functionality. The exercise is divided into three phases that will test your skills in forensic analysis, vulnerability detection and remediation, and incident response.

  • Phase 1 - Hack Correction
    In the first phase, you will conduct a forensic analysis of the incident, identify the vulnerabilities exploited by the attacker, and block the exploit to prevent further escalation of the attack.

  • Phase 2 - Detection and Correction of a New Vulnerability
    In the second phase, you will scan the system for an additional vulnerability, different from the one previously exploited. Once detected, you will exploit the vulnerability in a controlled manner to understand its impact, attempt to escalate privileges through it, fix it, and write a report that explains the entire process.

  • Phase 3 - Incident Response Plan and Certification
    The final phase involves designing an incident response plan based on industry best practices, such as the NIST recommendations. As part of this exercise, you will develop an Information Security Management System (ISMS) in accordance with the ISO 27001 standard, which will include measures to prevent data leaks through Data Loss Prevention (DLP) policies.

📝 Instructions

Phase 1: Recognition and collection of evidence

Objective: Conduct a forensic analysis to block the exploit, fix the vulnerability, and prevent the attacker from escalating.

  1. Identify which services were compromised and how the attacker got in. Use grep over the system logs (for example /var/log/auth.log for SSH logins on Debian/Ubuntu, /var/log/secure on RHEL-family systems, or journalctl -u ssh where sshd logs to the journal): a run of "Failed password" lines followed by an "Accepted password" from the same address is the signature of a brute-forced login.
  2. Identify suspicious files, running processes, listening ports, and any unusual modifications in the system (new accounts in /etc/passwd, new cron jobs, added keys in authorized_keys, recently changed binaries).
  3. Scan the server for rootkits or malware (for example with rkhunter or chkrootkit).
  4. Block the exploit and prevent escalation. Temporarily stop compromised services (systemctl stop <service>) if necessary, but capture the volatile evidence first (process list, open network connections, logged-in users), because stopping the service destroys it.
  5. Revert the attacker's changes (remove unauthorized users, eliminate backdoors, close unnecessary ports).
  6. Update and correct security configurations (update packages, change passwords, tighten the firewall if necessary).
  7. Prepare a detailed report that includes the measures taken to mitigate the attack and prevent escalation. Additionally, include recommendations on how to prevent future attacks of a similar nature.
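The log triage in steps 1, 2 and 5 above, as an added example that is not part of the 4Geeks project material: a POSIX shell script whose functions pull brute-force sources, the logins that followed the brute force, added accounts and sudo activity out of an sshd auth.log, and UID 0 accounts out of a passwd file. The log lines and passwd entries are constructed for the example; the host name srv01, the user names and the addresses are assumptions.

```shell
# Phase 1 triage helpers (added example, not part of the 4Geeks project).
# They parse an sshd auth.log and a passwd file for the signs the instructions
# ask for: brute force, logins that follow it, new accounts, sudo use, UID 0 backdoors.
# The log lines and passwd entries below are CONSTRUCTED for the example;
# on the real machine point the functions at /var/log/auth.log and /etc/passwd.
set -eu

make_sample_auth_log() {
  cat > "$1" <<'EOF'
Mar 10 02:14:01 srv01 sshd[2201]: Failed password for root from 203.0.113.45 port 51122 ssh2
Mar 10 02:14:03 srv01 sshd[2201]: Failed password for root from 203.0.113.45 port 51124 ssh2
Mar 10 02:14:05 srv01 sshd[2201]: Failed password for invalid user admin from 203.0.113.45 port 51130 ssh2
Mar 10 02:14:09 srv01 sshd[2201]: Failed password for root from 203.0.113.45 port 51138 ssh2
Mar 10 02:14:12 srv01 sshd[2203]: Accepted password for root from 203.0.113.45 port 51140 ssh2
Mar 10 02:15:40 srv01 useradd[2290]: new user: name=sysadm, UID=1003, GID=1003, home=/home/sysadm, shell=/bin/bash
Mar 10 02:16:02 srv01 sudo:     root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/usermod -aG sudo sysadm
Mar 10 09:00:11 srv01 sshd[3100]: Accepted publickey for deploy from 198.51.100.7 port 40022 ssh2
EOF
}

make_sample_passwd() {
  cat > "$1" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
deploy:x:1001:1001::/home/deploy:/bin/bash
sysadm:x:1003:1003::/home/sysadm:/bin/bash
backdoor:x:0:0::/root:/bin/bash
EOF
}

# Source IPs with at least $2 failed sshd password attempts, printed as "ip count".
ssh_bruteforce_sources() {
  awk -v min="$2" '
    /sshd\[[0-9]*\]: Failed password/ {
      for (i = 1; i <= NF; i++) if ($i == "from") fails[$(i + 1)]++
    }
    END { for (ip in fails) if (fails[ip] >= min) print ip, fails[ip] }
  ' "$1" | sort
}

# Accepted sshd logins from a source that had already failed earlier in the log:
# the usual shape of a successful brute force. Prints "user ip".
accepted_after_failures() {
  awk '
    /sshd\[[0-9]*\]: Failed password/ {
      for (i = 1; i <= NF; i++) if ($i == "from") fails[$(i + 1)]++
    }
    /sshd\[[0-9]*\]: Accepted/ {
      for (i = 1; i <= NF; i++) {
        if ($i == "for") user = $(i + 1)
        if ($i == "from") ip = $(i + 1)
      }
      if (ip in fails) print user, ip
    }
  ' "$1"
}

# Accounts created on the box (useradd logs "new user: name=<user>, ...").
new_accounts() {
  sed -n 's/.*useradd\[[0-9]*\]: new user: name=\([^,]*\),.*/\1/p' "$1"
}

# Every sudo invocation as "invoking_user command"; look for usermod, visudo, chmod on binaries.
sudo_commands() {
  sed -n 's/.*sudo:[[:space:]]*\([^ ]*\) .*COMMAND=\(.*\)/\1 \2/p' "$1"
}

# Every UID 0 account; anything besides root is a backdoor.
uid0_accounts() {
  awk -F: '$3 == 0 { print $1 }' "$1"
}

# Demo run over the constructed data.
demo_dir=$(mktemp -d)
make_sample_auth_log "$demo_dir/auth.log"
make_sample_passwd "$demo_dir/passwd"
echo "== sources with >= 3 failed logins"; ssh_bruteforce_sources "$demo_dir/auth.log" 3
echo "== accepted logins after failures";  accepted_after_failures "$demo_dir/auth.log"
echo "== accounts added";                  new_accounts "$demo_dir/auth.log"
echo "== sudo commands";                   sudo_commands "$demo_dir/auth.log"
echo "== UID 0 accounts";                  uid0_accounts "$demo_dir/passwd"
rm -rf "$demo_dir"
```

On the compromised machine, point the functions at /var/log/auth.log and /etc/passwd (or at copies taken onto analysis media) and paste the output into the Phase 1 report. Before stopping any service in step 4, save the volatile state that the log cannot give you, for example ps -eo pid,ppid,user,lstart,cmd and ss -tulnp, since that evidence is gone once the process exits.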

Phase 2: Detect and Fix a Different Vulnerability

Objective: Scan, detect, and exploit a vulnerability different from the one previously exploited and create a report that explains the entire process.

  1. Perform a complete scan of the system using tools like Nmap (for example nmap -sV -p- <server> to enumerate every listening port and the service version behind it).
  2. Detect a vulnerability unrelated to the previous hack, such as a misconfiguration in Apache (directory listing, version disclosure, an exposed backup or upload directory), unnecessary open ports, or an exposed service, and exploit it in a controlled manner.
  3. Document the exploitation process and the steps taken to compromise the service or escalate privileges.
  4. Apply measures to fix the found vulnerability, such as closing ports, changing security configurations, or restricting access.
  5. Prepare a detailed report that includes the detected vulnerability, the exploitation process, and the measures applied to correct it.
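The Apache misconfiguration case in step 2 and the fix in step 4, as an added example that is not the project's own code: a shell script that audits an Apache configuration file for the directives that expose directory listings, version information and HTTP TRACE, then writes a hardened copy with the other settings on each line preserved. The weak configuration is constructed for the example and the paths in it are assumptions. Nmap only tells you that port 80 answers with Apache; this is the on-host check that follows.

```shell
# Phase 2 helper (added example, not part of the 4Geeks project): audit an
# Apache config for the misconfigurations the phase names and write a hardened
# copy. The weak config below is CONSTRUCTED; on the server run the audit over
# /etc/apache2/apache2.conf and every file under sites-enabled/ and conf-enabled/.
set -eu

make_sample_apache_conf() {
  cat > "$1" <<'EOF'
ServerTokens Full
ServerSignature On
TraceEnable On
<Directory /var/www/html>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
<Directory /var/www/html/backup>
    Options Indexes
    Require all granted
</Directory>
EOF
}

# One finding per line: "<line>: <what is wrong>; <fix>". Prints nothing when clean.
audit_apache_conf() {
  awk '
    $1 == "ServerTokens" && tolower($2) != "prod" {
      print NR ": ServerTokens " $2 " exposes version and modules in the Server header; set ServerTokens Prod" }
    $1 == "ServerSignature" && tolower($2) != "off" {
      print NR ": ServerSignature " $2 " prints the version on error pages; set ServerSignature Off" }
    $1 == "TraceEnable" && tolower($2) != "off" {
      print NR ": TraceEnable " $2 " answers HTTP TRACE; set TraceEnable Off" }
    $1 == "Options" {
      for (i = 2; i <= NF; i++)
        if ($i == "Indexes" || $i == "+Indexes")
          print NR ": Options " $i " serves directory listings (backups, dotfiles); drop Indexes" }
  ' "$1"
}

# Rewrite $1 into $2 with the weak directives replaced. Options lines keep their
# other flags; a line that only enabled Indexes becomes "Options None", since a
# bare "Options" with no argument is a configuration error.
harden_apache_conf() {
  awk '
    function indent(s) { match(s, /^[ \t]*/); return substr(s, 1, RLENGTH) }
    $1 == "ServerTokens"    { print indent($0) "ServerTokens Prod"; next }
    $1 == "ServerSignature" { print indent($0) "ServerSignature Off"; next }
    $1 == "TraceEnable"     { print indent($0) "TraceEnable Off"; next }
    $1 == "Options" {
      line = indent($0) "Options"; kept = 0
      for (i = 2; i <= NF; i++)
        if ($i != "Indexes" && $i != "+Indexes") { line = line " " $i; kept++ }
      if (!kept) line = line " None"
      print line; next
    }
    { print }
  ' "$1" > "$2"
}

# Demo run over the constructed config: findings before, none after.
demo_dir=$(mktemp -d)
make_sample_apache_conf "$demo_dir/weak.conf"
echo "== findings before"; audit_apache_conf "$demo_dir/weak.conf"
harden_apache_conf "$demo_dir/weak.conf" "$demo_dir/hardened.conf"
echo "== findings after";  audit_apache_conf "$demo_dir/hardened.conf"
echo "== hardened config"; cat "$demo_dir/hardened.conf"
rm -rf "$demo_dir"
```

After copying the hardened file back into place, run apachectl configtest before systemctl reload apache2 so a typo does not take the site down, and keep the before and after findings for the Phase 2 report. Audit every enabled file, not just the main one: a Directory block in a site file can re-enable Indexes for a path that the main config had closed.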

Phase 3: Incident Response Plan and Certification

Objective: Design an incident response plan based on best practices and develop an Information Security Management System (ISMS) in accordance with the ISO 27001 standard.

  1. Develop a response plan that follows the NIST SP 800-61 incident handling life cycle: preparation; detection and analysis; containment, eradication and recovery; and post-incident activity (lessons learned).
  2. Detail how the organization would respond to an attack similar to the one that occurred and how to prevent recurrence.
  3. Identify and document data protection mechanisms, such as regular backups, encryption of sensitive data, and strict access controls.
  4. Implement an ISMS in accordance with ISO 27001, including a risk analysis, the security policies derived from it, the Data Loss Prevention (DLP) policies mentioned above, and action plans to protect the company's critical information.

📦 How to Submit This Project?
