Methodical guidelines for performing laboratory works in the discipline "Cybersecurity Basics"

Abstract

The rapid development of digital technologies, cloud infrastructures, distributed systems, and network services has significantly increased the importance of cybersecurity in modern information environments. The growing number of cyber threats, vulnerabilities, unauthorized access attempts, malware attacks, and social engineering techniques requires future IT specialists to acquire both theoretical knowledge and practical skills in the field of cybersecurity. In this context, laboratory training becomes an essential component of professional preparation, allowing students to develop competencies necessary for secure system administration, network protection, vulnerability assessment, and cyber incident prevention. The discipline "Cybersecurity Basics" is aimed at forming fundamental practical competencies in information security, introducing students to modern cyber threats, attack vectors, methods of vulnerability exploitation, and mechanisms for protecting computer systems and network infrastructures. Particular attention is paid to the practical application of cybersecurity tools in controlled virtual environments, which enables students to gain direct experience with attack simulation and defense mechanisms under safe laboratory conditions. These methodical guidelines are intended for full-time and part-time students of the first (Bachelor’s) level of higher education in specialties F2 – Software Engineering, F3 – Computer Science, and F6 – Information Systems. The publication has been developed in accordance with modern educational requirements for cybersecurity training and provides methodological support for performing laboratory works aimed at mastering basic practical aspects of cyber defense and ethical security testing. The laboratory course includes practical tasks covering essential cybersecurity topics such as virtualization of laboratory environments, secure deployment of penetration testing systems, analysis of vulnerable software platforms, exploitation of known vulnerabilities, secure remote access configuration, password attack methods, and implementation of defense mechanisms against brute-force attacks. A significantpart of the practical work is performed using the specialized operating system Kali Linux, which is widely used in cybersecurity education and professional penetration testing practice. The first laboratory work focuses on deploying and configuring a aboratory based on Kali Linux, enabling students to create an isolated environment for further experiments. The second laboratory work introduces vulnerability analysis and backdoor exploitation using the training platform Metasploitable, which allows safe study of typical exploitation scenarios. The third laboratory work addresses secure configuration of OpenSSH services in Linux systems, emphasizing secure remote administration principles. The fourth laboratory work examines brute-force attack tools and password attack methodologies, while the fifth laboratory work is devoted to practical research of protection methods against brute-force attacks and implementation of corresponding defensive configurations. Each laboratory work includes methodological instructions for preparation, theoretical materials, practical task examples, individual assignments for performance, and control questions for assessing the acquired knowledge. Such a structure ensures systematic mastering of cybersecurity fundamentals and promotes the development of practical skills required for future professional activities in the field of software engineering, computer science, and information systems security. The completion of these laboratory works contributes to the development of practical competencies in secure system configuration, vulnerability identification, attack analysis, and implementation of modern cybersecurity protection mechanisms, which are essential for contemporary IT professionals working in increasingly complex digital infrastructures.