BlueCat Learning Lab Curriculum

BlueCat Learning Labs 

INTEGRITY

INTEGRITY Lab 1 - Getting Started

• Logging in & changing passwords
• Customizing Table Columns
• Customizing the Addresses Table
• Using the Search Tools
• Using the data Restore Tools
• Generating Reports
• Searching Transaction History
• Using the Online Help
• Logging out

INTEGRITY Lab 2 - Blocks, Networks & IP Addressing

• Creating the IPv4 Address Space Using Blocks
• Table and Tree View
• Creating IPv4 Networks
• Find Available IPv4 Network
• Allocating IP Addresses
• IPv4 Modeling Tools: partitioning blocks into networks; splitting blocks and networks; adding a parent block; resizing blocks; moving blocks; merging networks
• Working with Network Templates
• Working with the IPv6 Address Space
• IP Allocation Report

INTEGRITY Lab 3 - DHCP Configuration

• Configuring DHCP ranges
• Using Network Templates to create DHCP ranges
• Deploying DHCP
• Viewing DHCP deployed data
• Configuring a DHCP client
• Configuring DHCP options
• Configuring DHCP Validation

INTEGRITY Lab 4 - DNS Configuration

• Creating DNS zones
• Working with DNS resource records
• Assigning primary and secondary roles
• Deploying DNS data to the DNS servers
• Configuring Start of Authority Records
• Managing Reverse DNS
• Validating DNS deployment
• Configuring Start of Authority records

INTEGRITY Lab 5 - DNS Architecture

• Configuring Access Control Lists (ACLs)
• Configuring a Caching-Only recursive DNS server
• Limiting recursive queries to internal IP addresses
• Configuring Global Forwarding
• Reassigning Primary and Secondary deployment roles

INTEGRITY Lab 6 - Server Administration & Monitoring

• Adding BlueCat DNS/DHCP Servers to a Configuration
• Resetting BlueCat DNS/DHCP Servers
• Adding the Server Statistics Widget
• Creating Notification Groups

INTEGRITY Lab 7 - User Access Management

• Working with LDAP groups
• Working with access rights

INTEGRITY Lab 8 - Dynamic DNS

• Generating a TSIG key to secure dynamic updates
• Allowing dynamic updates using the TSIG key
• Creating zone declarations
• Configuring DDNS deployment options
• Testing DDNS

INTEGRITY Lab 9 - DHCP Failover

• Configuring DHCP failover
• Determining the failover state of each server
• Viewing DHCP failover configuration settings
• Obtaining an IP address from DHCP
• Testing DHCP failover
• Removing DHCP failover configuration

INTEGRITY Lab 10 - Server Management & xHA

• Building an xHA pair
• Viewing information about an xHA pair
• Testing xHA failover
• Breaking an xHA pair
• Backing up the Address Manager database
• Adding a User-Defined Field (UDF)
• Customizing tables to view User-Defined Fields

INTEGRITY Lab 11 - Securing DNS Infrastructure

• Configuring HTTPS
• Configuring a self-signed certificate
• Configuring TSIG for server pairs
• Working with DNS logging

INTEGRITY Lab 12 - DNSSEC & Advanced DNS Topics

• Creating a DNSSEC Policy
• Deploying and testing DNSSEC
• Configuring a validating DNSSEC server
• Testing a validating DNSSEC Server
• Determining who has signed zones with DNSSEC
• Configuring response rate limiting
• Configuring DNS Threat Protection
• Configuring local response policy zones
• Using response policy zone searching and reports

EDGE

EDGE Lab 1 - DNS Foundations

• DNS query responses
• Using dig to examine DNS responses
• Recursion and Forwarding

EDGE Lab 2 - Navigating EDGE

• Accessing Edge
• Finding Help
• Managing Users
• Edge Statistics
• DNS Insights
• Query Logs
• DNS Activity and Threat Activity
• Applying Filters

EDGE Lab 3 - Domain Lists, Namespaces & Sites

• Managing Edge Domain Lists
• Managing Namespaces
• Creating & Managing Edge Sites

EDGE Lab 4 - Working with Policies

• View Policies
• Create a Block Policy
• Create a Monitor Policy
• Using Exception Lists
• Block zone transfer query types
• Redirect queries

EDGE Lab 5 - Edge Workshop

• Use Case: Block insider threat
• Use Case: Malware Lateral Movement
• Use Case: Data Exfiltration
• Automation
• Siem Integration

MICETRO

Micetro Lab 1 - Micetro 101

• Install Micetro
• Add licenses
• Configure services
• DHCP scopes
• DNS zones
• Custom properties
• Reports

BCIA

BCIA Lab 1 - BCIA for Integrity

• Navigating BCIA
  
• Managing alerts
• Reviewing and resolving Integrity alerts
  
• Adding BDDS servers
• Viewing and cloning reports
• Monitoring, viewing and resolving Integrity alerts
• Splunk integration and viewing alerts in Splunk

BCIA Lab 2 - BCIA for Firewall - Palo Alto

• Navigating BCIA
• Managing alerts
• Create custom reports
• Alert analysis
• Alert remediation in the Palo Alto Web UI
• View resolved alerts
• Alerts include:
  • Auto Triage - Device Restarted
  • CVE Alerts - 3400 and 3385
  • Local Administrators Configured with No Password Profile
  • SNMP v2c/v1

BCIA Lab 3 - BCIA for Firewall - Checkpoint

• Navigating BCIA
  
• Managing alerts
• Create custom reports
• Alert analysis
• Alert remediation in the Check Point console
• Viewing resolved alerts
  
• Alerts include:
  • DNS servers do not match
  • Auto Triage - Cluster member no longer Active
  • Clustered Mismatch Devices
  • Dynamic CVE alert generation