DP-Range Practical Cyber-attack & Response Workshop I
Registered RTTP course
Being a public course registered under the Reindustrialisation and Technology Training Programme (RTTP), company applicants are eligible for a training grant equal to 2/3 of the course fee upon completion of the course* (*with attendance of no less than 70% of the training hours). Details of RTTP can be found at https://rttp.vtc.edu.hk.
This course is jointly offered by PEAK and Datalink Business Solutions Ltd, an IT/OT security specialist in HK. Incident response teams and SOC analysts need to constantly refresh their knowledge and skills to remain updated with the everlasting changes in the cyber security threat landscape. Delivering hyper-realistic cyber training scenarios updated with the most relevant and current threats improves incident handling, teamwork, compliance skills, workflows, runbook usage, and other operational skills which are crucial to the success of the incident response operation.
Industry 4.0 brings not only advancement in productivity, but also a new surface for cyber-attacks. The used-to-be isolated OT networks of public utilities and factories are now plugging-in to the Internet. They may promptly deploy the newest security technologies to protect themselves from the threats from the Internet. Yet some still found themselves victims of cyber-attacks, e.g. various organizations in Ukraine were attacked in 2017. It is because security personnel need to be trained to fully utilize the security controls and protect the organization.
Cyber range, an isolated network environment for practicing network analytic and incident response skill, has now evolved from the used-to-be hardware-oriented form to the software-based simulated form. This provides a flexible, low-cost, scalable solution for securitypersonnel training. Our course will use the state-of-the-art DP-Range, a cyber range platform from Cyberbit of Israel, by far the only software-simulation training facility that includes both Information Technology (IT) and Operation Technology (OT) attack scenarios, to provide trainees with hands-on experience in handling different incidents. This is the same simulation platform used globally by various Universities, IT/OT security training institutions, and defense & military organizations.
By providing a highly realistic simulated network environment and professional guidance, the workshop aims at leading participants to put theoretical knowledge into practical application when responding to various cyber-attacks, thus accumulate experience and build confidence for facing such situations. Upon completion of the workshop, participants should be able to
- Identify key network security components (e.g. IDS, SIEM, firewall, etc.)
- Understand the formation and different roles in an SOC team
- exercise incidents response common practice
- Extract useful information from audit trails
- Analyze the information to identify an attack and its scope of effect
- Propose and determine actions to mitigate an attack
- Determine how to recover from an attack
Novice SOC (Security Operations Centre) Analysts
Basic SOC experience and cyber knowledge
• Recognize common threat behaviors and attack vectors
• Use incident response best practices when handling threat alerts
• Perform forensics data collection and investigations after an attack
- Understanding Cyber-range and Kill-chain
- Architecture of the cyber-range
- Demonstration of various cyber kill-chains
- Attack Simulation and Practical Incident Response
- Trainees will apply knowledge of proper incident response in the highly realistic simulatedenvironment to eventually mitigate the risks.
- Trainers will provide guidance and after action review.
- Simulate 3 cyber-attack scenarios on the DP-Range platform
- Scenario 1: SQL Injection or DDoS SYN Flood
- Scenario 2: Apache Shutdown or Trojan Data Leakage
- Scenario 3: Java NMS Kill or Man-in-the-middle
The Course is delivered by Cyberbit and Datalink Certified DP-Range Instructors who have over 10 years of experience in building and consulting Information Security systems. All members of our DP-Range Instructor team are industry veterans with specialist trainings.
Please use the attached enrollment form and follow the “Notes for Applicants” in the form to apply for courses.
All places are allocated on a first-come-first-served basis. Incomplete forms and forms received without payment will be regarded as unsuccessful applications.
Deadline for Application
14 working days (Exclusive of Saturdays) prior to class commencement date.
Notification of Class Commencement
Successful applicants will be notified of the class information by the contact method specified on the enrollment form at least 3 working days before class commencement. PEAK will not be responsible for the loss of class notification sent by mail. Please contact us if you do not receive the notification before the class commencement (Tel.: 2836 1906).
Course fees paid are also non-refundable, except for cases of unsuccessful applications and course cancellation or rescheduling. Fees paid and places enrolled are also not transferable, and request for course swapping will not be entertained.
Trainees will sign and collect the receipt at the first lesson. Fees paid after the enrollment deadline may result in delay in receipt issuing. For those who have not collected the receipts at the first lesson, our staff will contact them for picking up / mailing arrangement. PEAK will not be responsible for any loss in mailing. Trainees will be required to pay an administrative charge of HK$100 for their request for each additional receipt copy. Please send crossed cheque payable to “Vocational Training Council” with a written application attention to “The Course Team” of the Institute. (Inquiry: 2836 1862)
Enrollment Form for Programme Application