(Lab) Using lessons learned from successfully attacking the power plant in Chapters 1 and 2, learn how to harden and secure ICS assets using various endpoint defenses. After completing this chapter, users will be able to:
• Validate operator inputs on HMIs
• Add safety checks to PLC programs
• Scan for malware using Yara
• Investigate Windows event logs, and set up audit policies
• Use the Windows powershell command line (ps, select-string, netstat)
• Use intermediate level Linux commands (ps, grep, netstat)
• Investigate Linux logs
• Write basic Linux host firewall rules
Hours: 2,0