Fairfield's Innovative Cybersecurity Lab:

Bridging Theory and Practice

Get More Information

Fairfield Cybersecurity Professor teaching class and pointing at a TV with programming languages

State-of-the-art Cyber Lab

Fairfield University’s fully online Master of Science in Cybersecurity program offers students an innovative learning experience through its remote cybersecurity lab. The lab is a state-of-the-art, isolated network infrastructure managed internally, providing an ideal environment for hands-on learning. Completely air-gapped from the university’s network, it allows remote access via VPN connections.

The lab’s unique setup enables online students to experience firsthand the topics covered in class by our faculty. It offers an opportunity to execute key cybersecurity scenarios that can mimic real-world cyber threats, providing a realistic platform for practical exercises. The lab equips students with critical thinking and the technological skills to monitor, mitigate, and prevent online security threats. The lab is also utilized to test new monitoring software and techniques that may later be implemented in Fairfield Universitys own production infrastructure.  

Practical Scenarios

The lab is designed to enhance the online coursework thereby challenging students to collaboratively solve sophisticated cybersecurity challenges. Here are three key focus areas that students work on that align with career-ready skills.

 

Cyber Lab Exercises

Instructors use virtual machines to create specific exercises that can be used as demonstrations or assignments for students during classes. Mirco Speretta, Associate Dean of the School of Engineering and Computing and cybersecurity program director shares examples of hands-on exercises tailored to prepare students with real-world scenarios they will encounter in their cybersecurity careers.

  • Server Vulnerability Testing: During Cybersecurity Awareness Month in 2024, we utilized the cybersecurity lab and the security operation center for a red team (faculty) vs. blue team (ITS security) demonstration. The goal was to access a designated server on Fairfield University’s network.

  • Blackbox Testing of Production Environments: During the Fall semester of 2024, we collaborated with Fairfield University’s ITS security team for reconnaissance and scanning activities from the cybersecurity lab toward the university’s production infrastructure. Ethical Hacking class students, under NDAs (Non-disclosure Agreements), used specific pen testing software and techniques. Their findings were instrumental in enhancing the university’s cybersecurity posture, and the project was showcased at the 2024 Educause Cybersecurity and Privacy Professionals Conference.

  • Security Analyst Boot Camp: Our boot camp is designed for professionals aiming to transition into the Security Analyst role. The cybersecurity lab facilitates hands-on exercises, including DDoS attacks, SIEM like SPLUNK, and vulnerability scans using tools such as Nmap and NESSUS.

Cyber Lab Tools

The cybersecurity lab is equipped with advanced tools essential for comprehensive cybersecurity training. Here are some helpful definitions.

  • DDoS Attack (Distributed Denial-of-Service): A cybercrime in which the attacker floods a server with internet traffic to prevent users from accessing connected online services and sites.

  • Heartbleed SSL: This is a serious security bug in some outdated versions of the popular OpenSSL, an open-source cryptographic library that implements the Secure Sockets Layer (SSL) and Transport Security protocols (TLS). This weakness allows for the theft of information that would typically be protected by SSL and TLS encryption.

  • Nmap (Network Mapper): Open source utility for network discovery and security auditing. It’s a popular tool for network administrators to map their networks and perform a variety of tasks.

  • NESSUS: Remote security scanning tool that scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to the network.

  • SIEM (Security Information and Event Management): A security solution that helps organizations identify and address potential threats and vulnerabilities before they disrupt business operations. SIEM tools collect and analyze data from various sources, such as logs, network traffic, and user activities, and aggregate them into a centralized platform for real-time security monitoring.

  • SPLUNK: An SIEM Software for cybersecurity operations offering searching, monitoring, and analyzing machine-generated data along with incident response and management to threat detection and threat hunting.

Real-World Exercise Simulations

Our cybersecurity lab supports various hands-on activities integral to our cybersecurity curriculum and Security Analyst Boot Camp. Each participant is assigned a Virtual Machine for these exercises.

  • Distributed Denial-of-Service (DDoS) Attacks” We created a website within the lab environment. During a live session, Boot Camp participants launched simultaneous attacks on the site using various programs, demonstrating the degradation of performance and eventual crash of the server.

     

  • Website Session Hijack: Participants analyzed a weblog containing a session hijacking incident scenario. Using SPLUNK, they identified the compromised session within the log files, providing insights into detection and prevention techniques.

     

  • Vulnerability Scans” We configured a virtual machine with a specific vulnerability using Heartbleed SSL. Participants used Nmap to discover the vulnerable device and NESSUS to scan a virtual machine with multiple vulnerabilities. We then reviewed the generated report and discussed potential remediation strategies.

Join the Next Generation of Cybersecurity Leaders

The remote cybersecurity lab at Fairfield University offers a comprehensive, virtual, hands-on learning environment for students and professionals. Its isolated, secure setup enables practical exercises that bridge theory and practice, preparing participants for real-world cybersecurity challenges and dynamic careers.

Learn more about Fairfield University’s MS in Cybersecurity program

Fairfield Mission

Visionary by nature.
Jesuit Catholic by origin.
The driving force of Fairfield is our mission — to impact the world. It prompts us to ask important questions, to embrace our social responsibilities, and to lead by example. And it’s what has made us a premier institution in the Northeast. Let the mission be part of your journey.

Get More Information