• Separate CPM and PSM if needed
• PSM and CPM will have different size requirements 
• PSM (1-10, 11-50, 51-100) sessions
• CPM (<1000, 1000-20000,20000-100000, 100000+ ) managed passwords

• 8 Cores, 8GB RAM
• Windows Server 2016 or 2019
• Domain Joined (for full PSM features)
• All connector servers need to be deployed into an OU that has GPO inheritance disabled

• Components : PSM, CPM, Identity Connector (2 for resilience ), Secure Tunnel (2)
• PSM best practice for HA
• CPM Active /DR best practice
• AAM  - separate VM
• PSM for Unix - Separate

• Domain Joined
• LDAPS
• Read permissions on the deleted objects container
• Domain admin
• Delegate read permissions to a service account
• https://
  docs.cyberark.com
  /Product-Doc/OnlineHelp/Idaptive/Latest/en/Content/CoreServices/Connector/Add-AD.htm?tocpath=Setup%7CAdd%20Users%7CAdd%20users%20from%20an%20external%20directory%20service%7C_____1#Userandpermissionrequirements

• RDS license server
• RDS Cal on your connector server
• Windows 2019 Per-User CAL if Connector Server OS is 2019
• Per-device CAL
• RDS should not be installed prior to the implementation

• script to validate required network traffic and local settings: https://
  cyberark-customers.force.com
  /s/article/Privilege-Cloud-How-to-run-the-PSMCheck
• Privilege Cloud Checklist: https://
  cyberark-customers.force.com
  /s/article/Privilege-Cloud-Remote-Access-PreImplementation-Checklist
• Remtoe Access for Privilege Cloud: https://
  cyberark-customers.force.com
  /s/article/Privilege-Cloud-PreImplementation-Checklist

Identity Connector Installation

Connector Management

Install Connector to a new Connector server

1. Sign in to the CyberArk Identity Security Platform Shared Services using the link provided in the CyberArk email.

2. Click the service picker, and select Connector Management.

   

3. On the Connectors page, click Add a connector.

4. In the Add connector wizard > Define installation details tab define the following details for the Management Agent in the host machine:

   

CyberArk Identity Administration:

Create Users

Create / Modify Role - Add Members

Create Policies

• Main CyberArk Site
• CyberArk Support Portal
• CyberArk Secure File Exchange (SFE) Support Vault
• UNOFFICIAL CyberArk REST API v9.8 Live Documentation (Postman)
• CyberArk REST API on GitHub.io
• RegEx101 - for configuring AllowedSafes++
• CyberArk Official YouTube

on [ ~ ]$ az network public-ip create        --resource-group free-wi        --name pip-basic-free-win1        --location westus2        --sku Basic        --allocation-method Dynamic 
It's recommended to create with `--sku standard`. Please be aware that Basic option will be removed in the future.
{
  "publicIp": {
    "etag": "W/\"63bff67a-386a-4925-ba95-63ac0e1e2b33\"",
    "id": "/subscriptions/688fe555-a9ee-4f82-897f-3a91356b2536/resourceGroups/free-wi/providers/Microsoft.Network/publicIPAddresses/pip-basic-free-win1",
    "idleTimeoutInMinutes": 4,
    "ipTags": [],
    "location": "westus2",
    "name": "pip-basic-free-win1",
    "provisioningState": "Succeeded",
    "publicIPAddressVersion": "IPv4",
    "publicIPAllocationMethod": "Dynamic",
    "resourceGroup": "free-wi",
    "resourceGuid": "c30057c8-4760-43d1-aa98-136d07fe51a3",
    "sku": {
      "name": "Basic",
      "tier": "Regional"
    },
    "type": "Microsoft.Network/publicIPAddresses"
  }
}
jon [ ~ ]$

You will need to assosiate this basic SKU dynamic public IP to your VM manually. 

Free Account Virtual Machine

The easiest way to create a free account virtual machine from Microsoft Azure Marketplace:

For Windows Machines

You will need to choose 60GB (P6) to be eligible for free account. If you choose wrong, even smaller size, you will get some kind of storage charges.

The daily charge comes from storage since this VM size is using s10 disk type . Daily charge will be around $0.25. It was not that much but I really want to find out how we can really enjoy the free tier services as much as we can.

After some research and I found that is because of the image we selected for this VM. If I am use those predefined Windows 2012 image, it will come with 128GB S10 disk.

To avoid that, I will have to choose [smalldisk] image, such as [smalldisk] Windows Server 2012 Datacenter or [smalldisk] Windows Server 2012 R2 Datacenter as show from following screenshot:

Note: Small Disk image will only give you 30GB OS disk from wizard. But you can resize it to 64GB P6 level. 

After that , in Disks window, you will have disk options available for you to choose a free account eligible P6 disk.

[Updated on April 2022] The method is still working, but the interface is different. 

If you want to be fully deducted by the free quota of Azure, there are mainly the following three pitfalls: The first is that the availability option must choose no infrastructure redundancy, otherwise you will be unable to use the dynamic IP of the basic SKU, so Microsoft will give You will not be able to use the quota of your dynamic IP; the second Windows system image must be marked with smalldisk, otherwise it will not be able to be compressed back because the system disk is larger than the P6 SSD; the third is the instance and disk type, the instance must be B1s, and the disks are premium SSDs (P6 64GB) (not standard SSD or HDD).

Here are some screenshots when you are trying to find out "Small Disk" image from Marketplace's Windows Server image:

Again, small disk image will give you only 30G P4 size disk for your VPS VM. 

You will have to stop the VM and go to disk page to resize from P4 32GB to P6 64GB for free tier usage.

For Linux Machines

It should be very straightforward. Only thing you will need to pay attention to is the disk size. You  will need to choose 64GB P6 Free account eligible disk (64GB Premium SSD - locally - redundant storage). By default, it will give you 30GB default size.

If you missed that, you are still able to change it after you stopped Linux VM.

1）After you created your Linux VM with right size (B1S), you will need to stop it before you can resize it.

2) After Linux VM stopped, you can choose Disks from right column

3) After found your Linux Disk, choose Configuration. You will find the option to choose your disk type and size. Change size from 30 to 64. After enter 64, you will find both IOPS and throughput limit changed to better value. 

4) After made the disk size change, go back to virtual machine page to start your Linux VM . 

Public IP Address - Create New & Choose Dynamic One

Microsoft Azure will charge you if you are using a static Public IP address. 

[Updated on April 2022] 

By default, Microsoft Azure will allocate you a static public ip address. 

If you would like to have dynamic public ip, you will have to go through create ip option to get a basic SKU and dynamic ip.

If you missed this step, you will have to stop your VM, disassociate your public ip to delete the static public ip then create a new dynamic one to re-associate to your VM.

Increate Virtual Memory

Ideally, your paging file size should be 1.5 times your physical memory at a minimum and up to 4 times the physical memory at most to ensure system stability. For example, say your system has 8 GB RAM. You can calculate your minimum paging file size with this equation: 8 GB x 1.5, and your maximum paging file size with this one: 8 GB x 4. The totals would be 12 GB and 32 GB of RAM respectively. ()

By default, paging file is system managed by using a temporary storage driver D which has 4GB.

Once VM is up, it will only use 512MB on D drive. That is actually too small for you to run other applications. 

To maximize the performance, you might want to increase it to initial size to 2048 and Maximum size to 3072. The reason why maximum size is not set to maximum size as show the following screenshot, it is still some available space for other temporary  files or folders. In this kind of set up, we still keep 1GB for those temporary system files on D drive.

“\Paging File\% Usage” displays the percentage of the paging file that is currently in use. A paging file is a hidden, optional system storage file on a hard disk. The paging file extends the RAM’s capacity because it stores RAM data that has not been used or accessed lately. Operations that exceed the limited RAM space are automatically sent to the file to be stored if you have the paging file enabled.

If your counter shows that your paging file has reached or is nearing 100% current usage, then your system and applications will not be able to function properly. You want your paging file to be large enough that, at any given time, only 50% to 75% of it is being used at most.   

 

One of these three solutions should resolve your paging file problems:

 

1. Identify and address which application/services are using the most of the server’s memory.

2. Add on to your memory.

3. Increase your paging file size.

Others

• 从cloud shell用命令建的机器不指定其它参数的话默认是d系列，两个硬盘，都不免费。
• 从cloud shell上stop机器的话收费照旧因为占用的资源依旧保留。一定要deallocate。

Microsoft Partner Benefits

[2025-06-02] Microsoft Partner Launch Benefits

https://partner.microsoft.com/dashboard/v2/membership/offers
lowest partner membership Cost: CA$468.00 + Applicable taxes

Partner Success Core: CA $1214.40

Partner Success Expanded: CA $5420.40

Solutions Partner designation: CA $6417.60 

Benefits:

Videos

Updated video on Apr 2022

References

• 【Azure】免费Windows实例dd安装官方Linux
• Azure 免费服务踩坑记录
• Azure 跨订阅迁移资源踩坑记

• Examples:

  A third-party email service provider used by a company to send marketing emails, a cloud storage service provider storing data for a company, or a software company providing services that involve data processing. 
• 
  

1. Governance
2. Regulatory Compliance
3. Data Processing and Handling
4. Data Subject Requests
5. Privacy by Design
6. Notices and Consent
7. Incident Response
8. Privacy Risk Assessments
9. Information Security
10. Third-Party Management
11. Awareness and Training
12. Program Measurement

Privacy Law

The California Consumer Privacy Act (CCPA) is California’s data privacy law that took effect on January 1, 2020.

The CCPA empowers California residents with enforceable rights over the personal information they generate every day online.

GDPR

CCPA vs GDPR vs CPRA

Lab Scenario

The information gathered in the previous labs might not be sufficient to reveal potential vulnerabilities of the target: there could be more information available that may help in finding loopholes. As an ethical hacker, you should look for as much information as possible using all available tools. This lab will demonstrate other information that you can extract from the target using various vulnerability assessment tools.

Lab Objectives

• Perform vulnerability analysis using OpenVAS

Overview of Vulnerability Assessment

A vulnerability assessment is an in-depth examination of the ability of a system or application, including current security procedures and controls, to withstand exploitation. It scans networks for known security weaknesses, and recognizes, measures, and classifies security vulnerabilities in computer systems, networks, and communication channels. It identifies, quantifies, and ranks possible vulnerabilities to threats in a system. Additionally, it assists security professionals in securing the network by identifying security loopholes or vulnerabilities in the current security mechanism before attackers can exploit them.

There are two approaches to network vulnerability scanning:

• Active Scanning
• Passive Scanning

Task 1: Perform Vulnerability Analysis using OpenVAS

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. Its capabilities include unauthenticated testing, authenticated testing, various high level and low-level Internet and industrial protocols, performance tuning for large-scale scans, and a powerful internal programming language to implement any vulnerability test. The actual security scanner is accompanied with a regularly updated feed of Network Vulnerability Tests (NVTs)-over 50,000 in total.

Here, we will perform a vulnerability analysis using OpenVAS.

In this task, we will use the Parrot Security (10.10.1.13) machine as a host machine and the Windows Server 2022 (10.10.1.22) machine as a target machine.

1. Click on Parrot Security to switch to the Parrot Security machine and login with attacker/toor.

   If a Parrot Updater pop-up appears at the top-right corner of Desktop, ignore and close it.

   If a Question pop-up window appears asking you to update the machine, click No to close the window.

2. Open a Terminal window and execute sudo su to run the programs as a root user (When prompted, enter the password toor).

   The password that you type will not be visible.

3. Run docker run -d -p 443:443 --name openvas mikesplain/openvas command to launch OpenVAS.

4. After the tool initializes, click Firefox icon from the top-section of the Desktop.

5. The Firefox browser appears, go to https://127.0.0.1/. OpenVAS login page appears, log in with admin/admin.

   If a Warning page appears, click Advanced and select Accept the Risk and Continue.

   

6. The OpenVAS Dashboards appears. Navigate to Scans --> Tasks from the Menu bar.

   If a Welcome to the scan task management! pop-up appears, close it.

   

7. Hover over wand icon and click the Task Wizard option.

   

8. The Task Wizard window appears; enter the target IP address in the IP address or hostname field (here, the target system is Windows Server 2022 [10.10.1.22]) and click the Start Scan button.

   

9. The task appears under the Tasks section; OpenVAS starts scanning the target IP address.

10. Wait for the Status to change from Requested to Done. Once it is completed, click the Done button under the Status column to view the vulnerabilities found in the target system.

    It takes approximately 20 minutes for the scan to complete.

    If you are logged out of the session then login again using credentials admin/admin.

    

11. Report: Results appear, displaying the discovered vulnerabilities along with their severity and port numbers on which they are running.

    The results might differ when you perform this task.

    

12. Click on any vulnerability under the Vulnerability column to view its detailed information.

13. Detailed information regarding selected vulnerability appears, as shown in the screenshot.

    

14. Similarly, you can check other Reports by hovering over the Report: Results section to view other Reports regarding the vulnerabilities in the target system.

15. Next, go through the findings, including all high or critical vulnerabilities. Manually use your skills to verify the vulnerability. The challenge with vulnerability scanners is that they are quite limited; they work well for an internal or white box test only if the credentials are known. We will explore that now: return to your OpenVAS tool, and set up for the same scan again; but this time, turn your firewall ON in the Windows Server 2022 machine.

16. Now, we will enable Windows Firewall in the target system and scan it for vulnerabilities.

17. Click on Windows Server 2022 to switch to the Windows Server 2022 machine and click Ctrl+Alt+Delete and login with CEH\Administrator / Pa$$w0rd.

18. Navigate to Control Panel --> System and Security --> Windows Defender Firewall --> Turn Windows Defender Firewall on or off, enable Windows Firewall, and click OK.

    By turning the Firewall ON, you are making it more difficult for the scanning tool to scan for vulnerabilities in the target system.

    

19. Click on Parrot Security to switch to Parrot Security machine and perform Steps# 7-9 to create another task for scanning the target system.

20. A newly created task appears under the Tasks section and starts scanning the target system for vulnerabilities.

21. After the completion of the scan, click the Done button under the Status column.

    It takes approximately 15-20 minutes for the scan to complete.

22. Report: Results appears, displaying the discovered vulnerabilities along with their severity and port numbers on which they are running.

    The results might differ when you perform this task.

    

23. The scan results for the target machine before and after the Windows Firewall was enabled are the same, thereby indicating that the target system is vulnerable to attack even if the Firewall is enabled.

24. This concludes the demonstration performing vulnerabilities analysis using OpenVAS.

25. Close all open windows and document all the acquired information.

26. Click on Windows Server 2022 to switch to the Windows Server 2022 machine and click Ctrl+Alt+Delete login with Administrator/Pa$$w0rd.

27. Navigate to Control Panel --> System and Security --> Windows Defender Firewall --> Turn Windows Defender Firewall on or off, disable Windows Firewall, and click OK.

Question 5.2.1.1

Lab Scenario

As a professional ethical hacker or pen tester, you must acknowledge the limitations of conventional approaches in revealing all potential vulnerabilities. Therefore, you will utilize AI-driven vulnerability analysis tools to identify and assess security weaknesses in a simulated network environment.

Lab Objectives

• Perform vulnerability analysis using ShellGPT

Overview of vulnerability analysis using AI

Vulnerability Analysis with AI employs advanced algorithms to unearth hidden security flaws in networks. AI-driven tools extract comprehensive data, prioritize risks, and fortify defenses, empowering ethical hackers to anticipate and mitigate emerging threats effectively. This innovative approach enhances cybersecurity readiness by leveraging AI's precision and adaptability.

Task 1: Perform Vulnerability Analysis using ShellGPT

ShellGPT swiftly interprets and executes commands, conducting scans, identifying weaknesses, and suggesting mitigation strategies in real-time. Its adaptive nature facilitates dynamic navigation through complex systems, enhancing efficiency and precision in vulnerability analysis. By integrating ShellGPT, you can gain a powerful ally in their quest to safeguard digital ecosystems, leveraging AI's capabilities to uncover and address security risks with unparalleled speed and accuracy.

Here, we will use ShellGPT to discover potential vulnerabilites in the target.

The commands generated by ShellGPT may vary depending on the prompt used and the tools available on the machine. Due to these variables, the output generated by ShellGPT might differ from what is shown in the screenshots. These differences arise from the dynamic nature of the AI's processing and the diverse environments in which it operates. As a result, you may observe differences in command syntax, execution, and results while performing this lab task.

1. Click Parrot Security to switch to Parrot machine, and login with attacker/toor. Open a Terminal window and execute sudo su to run the program as a root user (When prompted, enter the password toor).

   The password that you type will not be visible.

2. Run bash sgpt.sh command to configure ShellGPT and the AI activation key.

   You can follow the Instructions to Download your AI Activation Key in Module 00: CEH Lab Setup to obtain the AI activation key. Alternatively, follow the instructions available in the file, Instructions to Download your AI_Activation_Key - CEHv13.

   

3. After configuring the ShellGPT in Parrot Security machine, in the terminal window, run **sgpt

4. --chat nikto --shell "Scan the URL https://www.certifiedhacker.com to identify potential vulnerabilities with nikto"** to launch Nikto scan on the target website.

   In the prompt, type E and press Enter to execute the command.

   

5. Scan result appears displaying the discovered vulnerabilities in the target website (here, www.certifiedhacker.com), as shown in the screenshot.

   

   

   Nikto scan takes long time to complete. You can terminate the scan, by pressing Ctrl + Z.

6. In the terminal, run sgpt --chat vuln --shell "Perform vulnerability scan on target url http://www.moviescope.com with Nmap" command to perform vulnerability scan on the target website. The result appears displaying open ports and services running on the target website.

   

7. Run sgpt --chat vuln --shell "Perform a vulnerability scan on target url http://testphp.vulnweb.com with skipfish" to scan the target URL using skipfish tool.

   If a prompt appears, enter any key to continue the scanning process.

   

8. The skipfish begins scanning the target url. After the successful completion of the scan, report is saved at the /tmp/skipfish_scan_output/ location, named as index.html. Navigate to the location, right-click on index.html and open with Firefox ESR Web Browser, as shown in the screenshot.

   The location of scan report might differ. You can view the location in the skipfish command generated by ShellGPT.

   

9. Firefox browser window appears displaying the complete scan report, as shown in the screenshot.

   

10. Apart from the aforementioned commands, you can further explore additional options within the ShellGPT tool and utilize various other tools to conduct vulnerability assessments on the target.

11. This concludes the demonstration of performing vulnerability assessment on the target system using ShellGPT.

12. Close all open windows and document all the acquired information.

Question 5.3.1.1

References

Vulnerability Research 

Vulnerability Assessment Tools

AI-Powered Vulnerability Assessment Tools

Vulnerability Assessment using AI 

Vulnerability Scan using Nmap with AI 

Vulnerability Scan using Skipfish with AI 

Vulnerability Assessment Reports