Learning Outcomes

What do I want you to take away from this course? Let’s split the desired learning outcomes into conceptual outcomes and skill-based outcomes: what I want you to understand, and what I want you to be able to perform, after taking this course.

Conceptual Learning Outcomes

  • Understand and explain ethical, legal, and responsibility considerations during red teaming.
  • Understand and explain the differences between OPSEC, responsibility, ethics, and legality as they pertain to red teaming.
  • Understand client data handling best practices.
  • Explain the concept of “Break Glass Protocol.”
  • Explain the risks of transmitting client data from target to teamserver during red team operations.
  • Explain the risks of cloud assets when used for red team operations.
  • Describe payload keying techniques and how to avoid inadvertent detonation.
  • Describe practices that reduce the risk of malware emulation.

Skill-based Outcomes

  • Analyze an engagement scoping document and identify areas that require further clarification.
  • Create a basic terminal logging script that ships terminal input/output to offline log storage.
  • Provision and configure ELK, Fleet, and Sysmon for Linux to enable robust logging and auditing on red team infrastructure.
  • Use YARA to create a repository of malware indicators for release in a “Break Glass Protocol” scenario.
  • Create a basic red team command and control (C2) hybrid-cloud environment manually that focuses on operational safety.
  • Configure ingress firewall rules and allow lists to lock down allowed inbound traffic to specific values.
  • Develop emulation malware that uses payload keying techniques to ensure target accountability.
  • Complete a simulated red team operation while considering responsibility at each step.
