courses
Free

Non-Standard Port

Many organizations still don't block unknown outbound ports. This allows adversaries to leverage them for command and control activities. Even if you are blocking these ports adversaries can use standard ports with different protocols to avoid detection. Learn how to detect and thwart this command and control behavior to secure your environment.
Share
Start CourseSubscribe for UpdatesNeed to train your team? Learn more
Create Free AccountNeed to train your team? Learn more
1
0
M
Time
intermediate
difficulty
1
ceu/cpe

Course Content

Non-Standard Port
What is a Non-Standard Port?

5m

Non-Standard Port
Detection, Validation, and Mitigation (Lab)

55m

Non-Standard Port
Course Description

Once an adversary has found their way into your environment, gotten a good look around, and decided it’s worth an extended stay, they will often set up command and control (C2). Although there are numerous ways to accomplish this goal, one of them is to allow these mechanisms to communicate over ports an organization may not be watching or blocking. Even more clever is when these C2 infrastructures communicate over known, encrypted ports such as HTTPS on 443. Although this behavior can be tricky to spot, it is possible with the right approach.

Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by financially motivated threat group FIN7. Prevent adversaries from accomplishing the tactic of Command and Control in your environment today.

This course is part of a Career Path:
No items found.

Instructed by

No items found.
Provider
Cybrary Logo
Certification Body
Certificate of Completion

Complete this entire course to earn a Non-Standard Port Certificate of Completion