Está usted visitando una publicación en la hemeroteca de CSIRT-CV.
Para acceder al portal y contenido actual, visite https://www.csirtcv.gva.es
03/01/2014
Material educatiu de la mà de l'Agència Europea de Xarxes i Seguretat de la Informació (ENISA)
ENISA (European Network and Information Security Agency), des de 2008 ha anat publicant una sèrie d’exercicis pràctics per a ajudar les persones que vullguen adquirir els coneixements d’un bon CERT (Computer Emergency Respond Team).
El material està dividit en 29 exercicis que corresponen a diferents fases de la resposta a una incidència. El material està compost per dos documents: Handbook (document per al professor) i Toolset (document per a l’alumne). A més, es pot disposar d’unes quantes màquines virtuals en què el sistema ja està preparat per a dur a terme les pràctiques.
A continuació copie i apegue l’índex de la pàgina web original:
| No. | Exercise title | Handbook | Toolset | Virtual Image | Other material supporting the exercise |
|---|---|---|---|---|---|
| 1 | Triage & basic incident handling | Download | Download | Download | Online version of Exercise 1 |
| 2 | Incident handling procedure testing | Download | Download | Online version of Exercise 2 | |
| 3 | Recruitment of CERT staff | Download | Download | Online version of Exercise 3 | |
| 4 | Developing CERT infrastructure | Download | Download | Online version of Exercise 4 | |
| 5 | Vulnerability handling | Download | Download | Online version of Exercise 5 | |
| 6 | Writing security advisories | Download | Download | Online version of Exercise 6 | |
| 7 | Network forensics | Download | Download | Online version of Exercise 7 | |
| 8 | Establishing external contacts | Download | Download | Online version of Exercise 8 | |
| 9 | Large scale incident handling | Download | Download | Online version of Exercise 9 | |
| 10 | Automation in incident handling | Download | Download | Online version of Exercise 10 | |
| 11 | Incident handling in live role playing | Download | Download | Online version of Exercise 11 | |
| 12 | Cooperation with Law Enforcement agencies | Download | Download | Online version of Exercise 12 | |
| 13 | Incident handling during an attack on Critical Information Infrastructure | Download | Download | ||
| 14 | Proactive incident detection | Download | Download | ||
| 15 | Cost of ICT incident | Download | Download | Download MS Excel workbook, Downloadworkbook in open format | |
| 16 | Mobile threats incident handling | Download | Download | ||
| 17 | Incident handling in the cloud | Download | Download | ||
| 18 | Advanced Persistent Threat incident handling | Download | Download | ||
| 19 | CERT participation in incident handling related to the Article 13a obligations | Download | Download | Download data_ddos.pcap | |
| 20 | CERT participation in incident handling related to the Article 4 obligations | Download | Download | ||
| 21 | Assessing and Testing Communication Channels with CERTs and all their stakeholders | Download | Download | ||
| 22 | Social networks used as an attack vector for targeted attacks | Download | Download | ||
| 23 | Honeypots | Download | Download | Download | |
| 24 | Digital forensics | Download | Download | Download
|
|
| 25 | Identification and handling of electronic evidence | Download | Download | ||
| 26 | Identifying and handling cyber-crime traces | Download | Download | ||
| 27 | Presenting, correlating and filtering various feeds | Download | Download | Download | |
| 28 | Incident handling and cooperation during phishing campaign | Download | Download | ||
| 29 | Cooperation in the Area of Cybercrime | Download | Download |
Si ho preferiu, des d’este enllaç (PDF) es poden descarregar els documents del professor (handbook) i des d'ací (PDF) els de l’alumne (toolset), en espanyol per als 12 primers exercicis.