A Scenario refers to a sandboxed virtual environment, where a user is provided with a set of tasks to complete and/or provisioned with a set of resources that accompany competency-driven technical/non-technical training. In simple words, a scenario is a lab environment in which, a user is taken through, or assessed, on a given domain/topic/skillset:
The Scenarios tab has a collection of all scenarios that are currently on the platform.
Scenario Types/Classifications
It is important to understand how scenarios are classified on the range or, to be specific the various Game Types and Game Modes that constitute a given scenario.
Scenarios are divided into two distinct Game Types:
- Single Player
- Multiplayer
Each of the types has a set of Game Modes:
- Single Player:
- Open Range
- Cyber Challenge
- Multiplayer:
- CTF (Capture the Flag)
- Melee
- Table Top Exercise (TTX)
Take note of the following:
| Game Mode | Notes | Game Type | Notes |
| Single Player | This mode contains scenarios that are designed to be interacted with in a single-user session, however, they can be utilized in a multi-user session, referred to as lobbies/events. | Open Range | This classification contains scenarios that are meant to be interacted with at the user’s own pace. Thus, they are not enforced by time limits and do not contain any set of tasks (assessment – series of questions) the user must complete. This classification may, at most times, lack an accompanying virtual environment. |
| Cyber Challenge | This classification contains scenarios that are meant to assess the competence of a user on a given topic/domain/skillset. Thus, they are enforced by time limits and contain a set of tasks the user must complete. This classification is mostly, accompanied by a virtual environment. | ||
| Multiplayer | This mode contains scenarios that are purposefully designed to be used in a multi-user session. | Capture The Flag | This classification contains scenarios that are meant to be used in a CTF style competition. Thus, scenarios of this classification will always contain a set of tasks. |
| Melee | This classification is unique, scenarios of this type are the only ones that have a shared environment. By default, all other scenario classifications produce an instance per user when interacted with. This simply means that a user is attached to their own virtual environment, i.e., each user has access to their own set of virtual machines. However, Melee scenarios attaches all the users in the multi-user session to one virtual environment. i.e., users have access to the same virtual machines. This type is suitable for attack and defend exercises. Contains a set of tasks to be completed. | ||
| Table Top Exercise | This classification is also quite unique. Scenarios of this type are meant to be delivered to a non-technical target audience. This type is ideal for Crisis Simulation exercises. This type has a role functionality that allows users to define a specific role before taking part in the session (if enabled). The roles can have a set of limits imposed, for example, a certain role may have access to interact with the virtual machine while another does not. This type contains a set of Injects - these are scenario driven tasks that are used to quantify or assess the user’s competency in a given subject/domain/skillset. | ||
| Attack and Defense | This is a special type of mode added to with release 2024-01. Users will be split into two environments, where they will take up the role of defending their network and also attack the other teams network. |
Searching for Scenarios
By default, the library has different sections to help you find scenarios you are looking for. The top bar has Filters, Category, and Search tabs:
Filters Tab
By clicking the Filters tab, one can filter for scenarios based on scenarios Difficulty Level or Scenario Type:
Owned Subscriptions - this will filter in for the scenarios that are subscribed to your account.
Difficulty - this will filter the scenarios according to the level of difficulty.
Category - one can choose scenario(s) to play based on their category/domain.
Type - there are two types of scenarios:
Open Range - these types of scenarios lack an assessment and are normally tutorial based and are beginner-friendly.
Cyber Challenge - these types of scenarios have an assessment and users are required to answer the questions provided in the assessment for successful completion of the scenario.
Injections - this will filter the scenarios according to the availability of injections.
Tags search - this enables you to search for a given tag by its unique name.
Author search - this enables you to search for a scenario author by their name.
Subscription search - this enables you to search for a given subscription by its unique name
Filtering by Competence
You can filter the content by the NIST NICE competence framework. When selected, the user can opt to filter by the Top 10 Work Roles or drilled down to specific categories:
Clicking on a given category allows you to drill down deeper through the category, all the way to specific KSAs (Knowledge, Skill & Ability)
To filter, for a category or KSA, select the category/KSA and the click Apply:
Using either categories or KSA may yield slightly different results. A category will have all the KSA of that category filtered for, however, KSA will only have the selected KSA filtered for.
Search
Alternatively, a scenario can be searched by its Scenario Name or a keyword affiliated with that scenario. For example, searching for a scenario with the keyword Apache, will display a list of scenarios as follows:
The search field allows you to type in the scenario name or keyword affiliated with the scenario.
Upon searching, the Sort field allows you to sort out the results by:
Newly Released scenarios
Oldest Released scenarios
Scenario Catalogue
The scenarios tab has additional sections which catalogues/groups scenarios according to:
Recently Played
Shows the scenarios recently played by the logged-in user.
Newly Published
Shows a list of most recently published (released) scenarios.
Top Rated
Shows a list of the top-rated scenario from the ratings by other users on CYBER RANGES.
Most Popular
Shows the most popular scenarios on CYBER RANGES.
Domains
The next section usually shows scenarios based on different domains e.g., Web, PWN, Stego, Networking etc.
How to Play Scenarios
A scenario in CYBER RANGES refers to an emulated lab exercises that span from skill development and competency assessment to threat emulation. The structure of the scenario will often contain the below pages/tabs:
Overview/Briefing/Mission: this is a detailed guide on what are the expectations and actions the user will undertake while going through the content.
Questions/Assessment: A series of tasks the user will be tasked to complete (not all scenarios have an assessment).
Servers: A series of resources/virtual machines provisioned to aid the end user in completing the objectives outlined in the mission area (not all scenarios have the servers’ section)
Other pages/tabs will be present depending on the user’s role, assessment, and scenario type.
Starting a Scenario
Once you have settled on a scenario you would like to play, click the VIEW INFO button:
On clicking, the select scenario menu shall open as shown:
Here you can see details about the scenario including its mode, type, difficulty, duration, and a scenario description (what the scenario is about).
Before playing any scenario, it is important to take note of the Duration: this is the runtime of the scenario.
Scenario Modes
Scenarios under the library can be played either in Single Slayer or Multiplayer Mode. By default, when we click on START, the scenario will be loaded in Single Player mode. If you wish to open the scenario in Multiplayer Mode, click on the drop-down icon to select that option:
Booting/Loading a scenario
For the rest of this section, we shall be focusing on playing a single player scenario. To play the scenario in single player mode, click the START button. Alternatively, you can click on the dropdown on the start button and click on single player.
On clicking START, the scenario will start booting/loading:
The scenario loading process revolves around creating and provisioning the necessary virtual environment, as such, each scenario will have a unique loading time, which will be indicated by the status bar during the loading process.
While the scenario loads:
Your VPN Status will be indicated on the top left.
The loading status of the scenario will also be listed at the top middle of the screen.
Alternatively, as the scenarios loads, you can view the following:
Mission - this is a detailed guide on what the scenario is about and what you are expected to do.
Rules - this is the code of ethics and details on how to access the VMs provisioned in the scenario.
Leaderboard - shows the performance of other players on that scenario.
When the scenario has fully loaded up, you can click the START button, and this will take you to the scenario content page, where you can play the scenario.
Scenario Sections
Upon accessing the scenario, the following will be displayed:
The numbered areas are as follows:
Overview - this is the first tab that is open whenever you play any scenario.
Mission - under the overview tab is the mission section. This section is where details/steps on how to play the scenario are listed.
Rules - Code of ethics and video links are provided on how to access the range via VPN:
Feedback - allows users to share their ratings and comments.
Time Elapsed - shows you the amount of time that has elapsed since you started playing the scenario.
Score - for cyber challenge scenarios, a score icon is visible to show you your overall score.
VPN status - this will show you whether your VPN is connected.
Cloud status - if the Cloud Stack faced an issue during loading, this icon will alert you of this.
Lab Access Guidelines - for every scenario that has virtual machines configured, there will be a guideline on how to access the virtual machines.
Credentials table - after reviewing the Lab Access Guideline, a table with the required credentials will be provided.
For Cyber Challenge scenarios, a Questions tab will be available. In this tab, is where the assessment/questions will be provisioned:
Under the questions tab:
Questions - you can view all the questions available for that scenario.
Question Score - the score points awarded for getting that particular question correctly.
Question Penalty - the score points deducted for getting that particular question incorrectly.
Answer(s) field - depending on the type of answer that is expected, there will be either a text field that requires you to type/paste in the correct answer or use your mouse to select the best answer (multiple choice questions/answers).
Submit Answer - after pasting/typing in or selecting your answer, click on SUBMIT ANSWER to have that answer be evaluated.
Attempts - for each question, there is a unique number of attempts that you are allowed to use up until that question is locked, or you get it correctly.
Hide Answers - can be used to toggle the visibility of your answers.
Completion - as you answer the question, this bar will fill up to showcase how far you are progressing.
Navigate - you can use this pane to navigate through questions sequentially or jump to the selected question of your choice via the questions highlighted in 1.
Click on Servers if you would like to view as well as connect to any virtual machines associated with the scenario, as follows:
In the ‘Servers' section, the Virtual Machines associated with the scenario will be listed. For each scenario and Virtual Machines, the following can be performed:
Reset Environment - this will erase any changed you have made to all the Virtual Machines
Send Feedback - for each virtual machine, you can share your feedback.
Manage a virtual machine - for each virtual machine, you can Restart or Reset them
Services - a list of services that are accessible to you is in this section
Service Types
The following are some of the services that can be configured on a given Virtual Machine for a scenario:
Web Console - refers to an RDP/VNC service configured on the virtual machine.
Web Shell - refers to SSH service configured on the virtual machine.
Web Proxy - refers to any Website service configure on the virtual machine
RDP - refers to RDP service configured on the virtual machine.
Depending on the services that have been configured on the different servers, clicking on the icon shown below, will load that service:
Score
Click on Score to see your score and performance overall throughout the category of questions:
On the score section:
Overall Score - will list the total points you have attained and the questions you have gotten correctly for each question.
Category Score - will showcase a pictorial of you score per question category
Score graph - will showcase a graph showcasing your performance through the questions from the time you started the scenario to the times you attempted each question.
- Competences - will showcase the NICE Competence Framework achieved per question.
Exiting a Scenario
At the bottom left of a running scenario, there is an exit button, as shown below. Click on it if you wish to exit the scenario before its duration has lapsed.
Alternatively, you can click on the CYBER RANGES logo as well:
When you click on exit, you will get the prompt below that will ask if you would like to exit back to the dashboard or exit and terminate your scenario:
If you would like to come back and resume the scenario later, just exit to dashboard. Otherwise, you can choose to exit and terminate the scenario if you are not planning to resume it.