The center maintains state-of-the-art information assurance network laboratories. In the labs, network attacks and countermeasures are demonstrated and new defensive methods are tested. Simulations also play a vital role in the hands-on experience provided to lab participants. The labs include:
SCADA/Control System Lab
This new and expanding lab has been established to promote awareness and provide direction in the protection of "behind the door" systems such as electrical and water distribution throughout government facilities.
Cyber Attack and Defense (Hacker)
Provides a hands-on introduction to an assortment of tools and techniques that could be used by hackers to compromise computer networks, and methods for mitigating the attacks. The focus is on the broad availability and ease of use of technical and non-technical hacker tools, and the ultimate levels of damage that hackers could cause. The vulnerabilities and protections inherent in several operating systems are explored along with application security features. Each student participates in and observes the results of scanning, sniffing, share compromise, password capture and breaking, denial of service, Trojan execution, and steganography.
Firewalls and Intrusion Detection Systems Lab
Based upon a pre-established policy, participants work to program a firewall to halt the ingress or egress of communications based upon a) address of origination or destination, b) port access, c) protocol access, or d) application program access. They also examine intrusion attack signature identification, programming, and logging.
Participants utilize biometric devices for enrollment and authentication. Participants receive hands-on activity with numerous devices including fingerprint scanners, voice identification equipment, camera-based face print identification, hand geometry identifiers, and iris scanners. Based upon device tuning, participants experience the impacts of false positives and false negatives. Issues in network-based registration and authentication are discussed. Participants gain insight into the cost and effectiveness of the different biometric approaches.
Wireless Security Lab
Participants are issued portable computers or personal digital assistants with wireless access cards. Using specialized software, they work in teams to locate and identify unprotected and protected wireless access points. Participants are introduced to methods for breaking simple wireless encryption schemes and are educated in proper methods for locking down unauthorized access.
Pretty Good Privacy (PGP) Lab
Participants experience the process of using a freeware package called PGP to encrypt, send, and decrypt an email message.
Using hands-on cases, participants learn methods for identifying, screening, and securing organizational policy infractions and cyber crime incidents. Participants are provided an opportunity to use a package, used primarily by law enforcement, to discover and safeguard forensic evidence. The impact of encryption on forensic discovery is discussed. Participants are educated in software- and physical-based methods for the proper permanent removal of data from storage devices.
Voice over Internet Protocol (VOIP) and Radio Frequency Identification (RFID) Lab
Participants witness the vulnerabilities associated with using traditional computer networks for voice traffic. VOIP packets are captured and deciphered to listen to voice conversations. Methods for safeguarding against these types of attacks are covered. Weaknesses in the RFID handshake process are also demonstrated. The potential compromise of applications using RFID, such as inventory and personnel identification, is addressed.
This lesson allows participants to play the role of a system protector, discover points of exploitation, and apply appropriate countermeasures in the management of security in a network environment over a simulated one-year period. The CyberProtect simulation is presented and discussed before participants begin planning and acquiring their defenses for the hacker attacks. The participant, acting as an IT manager, must procure and deploy defenses such as firewalls, intrusion detection systems, virus scanning programs, end user education, and product updates/upgrades. These defenses must effectively combat attacks against the network infrastructure. Participants receive an information systems security report from the simulation for each of four quarters to show how effective their defenses have been.
3D/Virtual Worlds (VW) Security Lab
The lab allows participants to enter a VW as an Avatar in a secure 3D environment within the air-gapped network in the IA Lab. In this professor-led demonstration lab, the participants will experience many of the known attacks and threats available to hackers, crackers and untrained users in cyberspace. The lab is designed to ensure that participants are aware of the threats and vulnerabilities in these VWs and gives them hands-on experience with deploying countermeasures and assessing the residual risk which cannot be mitigated in these 3D Worlds. Participants discuss, experience and learn to recognize some of the warning signs, review industry best practices for dealing with these VW-specific security issues and finally see the results of deploying these safety measures. Overall topics: IT Risks, Identity and Access Management, Confidentiality, Reputations and Productivity.
National Defense University