Security Monitoring

Website Defacement – CYBERSPACE

Scenario Information

You are part of the Official National Organization (ONO) Blue Team, tasked with defending against and responding to outsider attacks.

A few days ago, your team received a threat intel report stating that an unknown hacker collective is demanding a ransom payment from your organization; otherwise, they have threatened to carry out an imminent attack against your publicly facing website.

You and your team have been tasked to defend against and respond to any such attacks.

What you will learn

  • Reviewing network traffic logs
  • Reviewing web application logs
  • Finding and fixing vulnerabilities in web application source code

Technical Details

  • This scenario comprises the following virtual machines:
    • A virtual machine running QRadar
    • A virtual machine running the ONO website

Credentials

QRadar web interface:
admin/P_assword7

Website SSH:
analyst:analyst

Pre-requisites

It is recommended, but not necessary, to be familiar with the following concepts:

  • System administration
  • Analyzing network traffic logs
  • Analyzing Apache logs
  • Web application security vulnerabilities

  • MODE: SINGLEPLAYER
  • TYPE: CCL
  • DIFFICULTY: HARD
  • TIME: 120 MINUTES
  • COST: 100000 CRYSTALS