IT-Security Training for Administrators

Online course with own LAB environment for practical hacking exercises

This video will be loaded from YouTube while playing. By clicking here you accept the data protection declaration of HVS Consulting / IS-FOX and YouTube.

Participant Feedback

Graphical illustration of an evaluation
This video will be loaded from YouTube while playing. By clicking here you accept the data protection declaration of HVS Consulting / IS-FOX and YouTube.

Screenshot of the explanation how the training works
Screenshot of the LAB environment
Screenshot of the NMAP Scan exercise
Screenshot from Eternal Blue Hacking
Screenshot of a LAB section
Screenshot of the explanation of the TIER model from Microsoft

Chapter Overview: Security Training for IT Administrators

The content for administrators has been created by incident response experts and has been successfully implemented and optimized in classroom trainings for years. All scenarios are based on real APT attacks by current hacker groups and are therefore highly relevant.


Introduction & Basics:

  • How does the training work?
  • How do professional APT attackers proceed?
  • Why are they so dangerous?
< >

The APT Kill Chain

Reconnaissance: Reconnaissance of the target area through research and scans.
LAB exercise Scan of the environment with nmap and construction of the infrastructure map of the LAB.

Analysis: Detection of weak points with Nessus Report and development of the attack strategy.

Exploit Linux: Intrusion into Linux systems.
LAB exercise SSH Brute-Force with Hydra.

Exploit Windows: Intrusion into Windows systems.
LAB exercise Eternalblue (NSA Tool) with Metaspoit.

Lateral Movement: Take over of further systems and extension of rights up to Domain Admin.
LAB exercise 'Pass the Hash' with mimikatz and access to domain controllers with psexec.

< >


Patching & Hardening: LAB exercise exploitation of Shellshock with meterpreter on Linux.

  • Patch your systems promptly
  • Harden your systems

Secure Administration: LAB exercise usage of captured Linux passwords on other systems.

  • Use different passwords
  • Stick to RBAC and the principle of least privileges
  • End RDP sessions properly (with explanation of RDP hopping)
  • Use Password Manager, avoid hardcoded passwords
< >

Detection & Response

Detection / Vulnerability Management: 'Detection is a must nowadays'.

  • Introduction of the different detection instruments (NIDS, SIEM, EDR).
  • Explanation SOC / CERT.
  • Fix detected vulnerabilities promptly.
  • Be vigilant yourself and watch out for anomalies.

In an emergency: correct behavior in an emergency with/without CERT.

  • Isolate the systems
  • Do not change system status
  • Clearly document what you are doing.
< >

Social Engineering

Phishing & Social Engineering: You can be manipulated too, you just need a different bait.

  • Do not click on unknown attachments
  • Do not surf with administrative rights
  • Avoid dubious pages
< >


Final test with multiple choice questions

If you pass, you will receive a certificate for download

< >

Demo access? Further Information?

Get in contact with us!

A lot of good reasons

Visualization of efficient training
Highly efficient training
The combination of e-learning and LAB enables you to reach your administrators all over the world, especially in the regions. This is essential for risk reduction, because most modern cyber spies do not attack the headquarters, where they expect strong security measures and trained staff. They attack the subsidiaries and external locations, since the security level is usually lower there and a 'flat network' without segmentation promises fast access to the core systems.
The best of two worlds
Visualization of learning success
Learning success guaranteed
The main problem in the security awareness of IT administrators is the lack of understanding and involvement. After all, secure administration makes everyday work more complicated and nobody knows why. Therefore, policies are usually not implemented sufficiently. In this training your administrators take the view of an attacker and use current attack tools in the LAB. This results in a very high level of personal involvement and understanding for the required security measures. This is the foundation for behavior change.
Visualization of internationality
Internationally applicable
The Security Training for Administrators is available in German and English. It is Scorm compatible and can therefore either be integrated into your own learning management system (LMS) or provided by us as a cloud service. The Security LAB for Administrators simulates a company network with several prepared Windows and Linux systems and contains up-to-date attack tools. There, the participants put the acquired knowledge into practice.
Visualization of integrated policies
Policies can be integrated
In principle, no individual customizations are necessary. However, we have provided numerous places where you can integrate your relevant documents and policies (hardening guides, emergency processes, etc.) on demand. As part of this customizing, we will of course also integrate your company logo and name your security contacts (SOC, CERT, Defense Center, ISO, etc.).
Visualization of a fair pricing model
Fair pricing model
The Cyber Security LAB e-learning for administrators is licensed by training participants. The price for a training participant (including e-learning course, LAB infrastructure, operation, licenses, etc.) is between 80,- and 250,- EUR net plus VAT depending on the number of participants and thus costs a fraction of a comparable classroom training... but delivers practically the same learning success.