Contoso01-Lab-gear
Hardware
Servers
Dell PowerEdge R740
2x Intel Xeon Silver 4214R
1.5TB RAM
8 x 2TB SSD
Windows Server Datacenter with Hyper-V role
Dell PowerEdge R710
2x Intel Xeon
288GB RAM
8 x 2TB SAS
Windows Server Datacenter with Hyper-V role
Dell PowerEdge R710
2x Intel
288GB RAM
8 x 2TB SAS
Windows Server Datacenter with Hyper-V role
Dell PowerEdge R710
2x Intel
288GB RAM
8 x 2TB SAS
Windows Server Datacenter with Hyper-V role
Dell PowerEdge R510
2x Intel
32GB RAM
12 x 6TB SAS
Windows Server Datacenter with Hyper-V role
Workstations
Various Dell laptops and desktops
Intel Processors
32GB RAM
512GB SSD
Windows 11 Pro
Network Devices
Cisco Catalyst 3850x Series Switches
Cisco ASA 5506-X Firewall
Storage
QNAP 869 Pro
8x 6TB HDDs configured in RAID 6
Monitoring and Display Systems
Hisense 75in
Software and Tools
SIEM (Security Information and Event Management)
Splunk Enterprise - for firewall logs only
ManageEngine Log360 - for switch, firewall, and domain controller logs
Endpoint Detection and Response (EDR)
Wazuh
Velociraptor
Zabbix
Intrusion Detection and Prevention Systems (IDPS)
ASA built-in IDS
Security Onion
Threat Intelligence Platforms (TIP)
Wazuh
Vulnerability Management
ManageEngine Endpoint Central
Forensics and Incident Response
Autopsy
FTK (Forensic Toolkit)
Malware Analysis
Cuckoo Sandbox
Ghidra
Network, server, and application monitoring
WhatsUp Gold
Observium
Virtual Machines (VMs)
Hyper-V
Traffic Generation Tools
Ostinato
Mausezahn
Collaboration and Communication Tools
Google Workspace
Microsoft Teams
Ticketing System
ManageEngine ServiceDesk Plus
Documentation and Knowledge Base
In-house wiki
BookStack
File share storing the original documents
Training Environment and Modules
Cyber Range
Isolated network environment for live attack simulations
Tools: Cyberbit Range, Immersive Labs
Training Curriculum
Structured modules on various cybersecurity topics
Platforms: SANS Cyber Aces, Cybersecurity & Infrastructure Security Agency (CISA) Training
Documentation and Resources
Manuals, guides, and reference materials provided through Confluence and SharePoint
Physical Security
Access Control
Fingerprint Scanners
Surveillance
Wyze IP Cameras
Network Video Recorder
Door and window sensors
Layout
Server Room
Dedicated space for servers, storage, and network devices.
Controlled environment with cooling and power backup.
Workstations Area
Multiple desks with workstations for employees.
Dual-monitor setups for better visibility and multitasking.
Monitoring Room
Large displays for real-time monitoring.
Workstations for SOC analysts with SIEM and other tools installed.
Collaboration Space
Meeting room equipped with video conferencing tools.
Whiteboards and collaboration software for planning and debriefing sessions.
Training and Simulation Room
Isolated environment for running cyber range exercises.
Equipped with workstations and networking devices for hands-on practice.