Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response
Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response
For this final project, you will assume the role of a cybersecurity analyst responsible for restoring and protecting a critical server that has been compromised at 4Geeks Academy. You will be provided with a hacked machine that simulates a key company server, and your task will be to re-establish its security, fix the exploited vulnerabilities, and ensure its optimal functionality. The exercise is divided into three phases that will test your skills in forensic analysis, vulnerability detection and remediation, and incident response.
Phase 1 - Hack Correction
In the first phase, you will conduct a forensic analysis of the incident, identify the vulnerabilities exploited by the attacker, and block the exploit to prevent further escalation of the attack.
Phase 2 - Detection and Correction of a New Vulnerability
In the second phase, you will scan the system for an additional vulnerability, different from the one previously exploited. Once detected, you will exploit the vulnerability in a controlled manner to understand its impact, escalate its privileges, fix it, and create a report that explains the entire process.
Phase 3 - Incident Response Plan and Certification
The final phase involves designing an incident response plan based on industry best practices, such as the NIST recommendations. As part of this exercise, you will develop an Information Security Management System (ISMS) in accordance with the ISO 27001 standard, which will include measures to prevent data leaks through Data Loss Prevention (DLP) policies.
Objective: Conduct a forensic analysis to block the exploit, fix the vulnerability, and prevent the attacker from escalating.
grep
to review system logs (for example, /var/log/auth.log
for SSH connections).systemctl stop service
) if necessary.Objective: Scan, detect, and exploit a vulnerability different from the one previously exploited and create a report that explains the entire process.
Nmap
.Objective: Design an incident response plan based on best practices and develop an Information Security Management System (ISMS) in accordance with the ISO 27001 standard.
Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response
Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response
Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response
Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response
Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response
Difficulty
intermediate
Average duration
3 hrs
Technologies
Networking
cybersecurity
penetration testing
forensic analysis
incident response