Major Content Refresh & New Scheduling System Release

Major Content Refresh & New Scheduling System Release



DASWebs Inc. (Operate & Maintain Focused) Environment Refresh


The DASWebs Inc. environment is the oldest of our environments. It is the environment most Operate & Maintain challenges occur in and has served admirably for the past eight years. However, we consider the NICE Challenges to be living content, which should be updated and improved over time to stay within the bounds of realism. While we believe we have accomplished this thus far, the challenges in the DASWebs Inc. environment are starting to be held back by their aging environment.

Thus, during the first week of January 2022, we will be releasing a refreshed and updated DASWebs Inc. environment! The refreshed environment has had all its operating systems upgraded to newer versions, new services and software installed (e.g., OpenMediaVault, osTicket, MediaWiki, Docker, etc.), and a fresh coat of paint applied to the DASWebs business website. Please find below a preview of the refreshed network map.


DASWebs Inc. Network Map


Challenge Conversions & Updates


The NICE Challenges and environments are closely linked. Due to this, when we do a major environment refresh, we must convert every challenge linked to that environment (80 challenges in this case) to work in the new environment. Depending on the changes to the environment and the nature of the challenge, the conversion process can lead to challenges receiving minor alterations to significant reworks. We also updated some challenges to improve their functionality, reliability, and user experience during the challenge conversion process.

To help our Curators (educators) understand how much any challenge has changed, we have provided a list of altered challenges along with their general level of alteration at the end of this newsletter. If you are a Curator and have more detailed questions about how a specific challenge or challenges have changed, please reach out to our Content Team Lead & Community Manager, Alex Hillock (ahillock@nice-challenge.com).


New Scheduling System Release Date


We will be releasing the new scheduling system alongside the initial new content release during the first week of January 2022. Look at our previous newsletter for more information on the new scheduling system.


Maintenance Window for These Major Releases


To safely test and release the new DASWebs Inc. environment, most of the converted and updated challenges, and the new scheduling system, we will need to take the NICE Challenge Webportal and Infrastructure into maintenance mode for the duration of January 3rd, 2022, to January 7th, 2022. During this time window, you will be unable to use on-demand workspaces, deploy challenges, or schedule reservations for workspaces within the affected week. Additionally, the NICE Challenge Webportal might become unavailable for brief periods during these five days.

We always attempt to be as minimally disruptive to our users as possible. We have identified this time window to be the least disruptive to our users based on historical trends. If this planned maintenance window is critically disruptive to your class, please contact us through the NICE Challenge HelpDesk as soon as possible.


Converted Challenge Alteration Table


Alteration Level Key


Minor: Little to no changes. Primarily updates to context and backend check logic when needed.
Moderate: Challenge remains largely the same, but some checks may have been altered (e.g., replaced, updated, removed, consolidated, etc.) and Players may be asked to do a few things that are different from before.
Major: Challenge is conceptually similar, but has undergone a large rework. Most checks will be new or different.


Challenge TitleAlterationNotes
Helpdesk Fun: User Workstation NightmaresModerateIncludes Complexity 1 Version
Dangerous DrivesMinorIncludes Complexity 1 & 2 Versions
Digital DuplicatesMinor
Disguising a Dastardly Deed with Disappeared DataMinorIncludes Complexity 1 & 2 Versions
File Signatures Broke My FilesMinor
Hash Comparisons: Revealing the ConcealedMinor
Malware Analysis: My Haunted MachineModerate
Group Policy ProtectionsMinor
Volatile VulnerabilitiesMinor
STIG SolutionsTBASecond Wave Re-release**, Includes Complexity 1 Version
Least Privileged Put OffsModerate
Local Admin No More, Security by DesignMinor
Insider Threat: Domain Lockdown IncomingMinor
A WordPress Journey From Dev to ProdModerate
Interns & HR on the Domain ControllerMinor
Secure Domain Accounts & Passwords? Probably WorthMinor
Secure Roots: Domain Organization & Access ControlsMinor
Basic Server Maintenance and CleaningMinor
The Network is Down! Contractor EditionModerateIncludes Complexity 1 Version
Infrastructure Monitoring: The Nagging You NeedMinor
Linux Administrator 101: Users, Access & UpdatesMinor
Linux Administrator 101: Users, Access & Updates (Complexity 1)Moderate
Security Begins & Never Ends with UpdatesMinorIncludes Complexity 1 Version
Linux Administration 201: 101 + Network IntegrationMinor
The Network is Down! Internal Issues EditionMinor
A Database story: Backup then RecoveryMinorIncludes Complexity 1 Version
Creating the Digital Paths to Company KnowledgeTBASecond Wave Re-release**
Helpdesk Fun: Disappearing Drives & Web AppsTBASecond Wave Re-release**
Playing Find the Bottleneck, Stage: Data GatheringMinor
Overflowing Inboxes: An Intervention PolicyMinor
An ERD Story: Implementation Then DesignMinor
Great Project Beginnings: The Oracle DB InstallModerateTitle Change when Re-released
Nothing Says Maintenance Like Updating Legacy Software DependenciesTBASecond Wave Re-release**
Slow Query, Long ReportMinor
Data Backup & Recovery, Definitely Worth TestingTBASecond Wave Re-release**
Shellshock (CVE-2014-6271) (Threat Sandbox)Minor
Strengthening System SecurityTBASecond Wave Re-release**
Vulnerability Scan Complete, Begin System HardeningTBASecond Wave Re-release**
A Tutorial Technical Challenge!Minor
A Tutorial Hybrid Challenge!Minor
EternalBlue (CVE-2017-0144) (Threat Sandbox)Minor
Dirty COW (CVE-2016-5195) (Threat Sandbox)RetiredRetired Due to Hard to Maintain Kernel Bug
Heartbleed (CVE-2014-0160) (Threat Sandbox) Minor
Networking Woes: The Monitor We NeedMinor
KMS, Knowledge Maybe Somewhere?Minor
Knowledge Management: The Framework to Connect Them AllMinor
Assuring Accurate Asset InventoriesMinor
Control Through Configuration ManagementMinor
A Sense of SecurityMinor
Backup everything in case of... Ocean?TBASecond Wave Re-release**, Includes Complexity 1 Version
Malicious Mail ManagementTBASecond Wave Re-release**, Includes Complexity 1 Version
Data Mining & Data WarehousingTBASecond Wave Re-release**
Preventative Protection: Thwarting the Imminent ThreatModerateIncludes Complexity 1 & 2 Versions
Operations Gone Wrong: The Incompetent InternTBASecond Wave Re-release**
Lengthy Logs: Attack AnalysisTBASecond Wave Re-release**, Includes Complexity 1 Version
Networking Anomalies: The Packet Capture EditionMinor
Skimping on Scripts: Dealing with DataMinor
Calamitous ConfigurationsTBASecond Wave Re-release**
Helpdesk Fun: User Login NightmaresMinor
Security Begins & Never Ends with Updates: Networking EditionTBASecond Wave Re-release**, Includes Complexity 1 Version
Customer Support Crash CourseModerate
Social Site StoppageMinor
System Administration Crash CourseModerate
Network Administration Crash CourseModerate
Database Administration Crash CourseModerate
Knowledge Management Crash CourseMinor
Systems Security Analyst Crash CourseMinor

This table will be updated as additional details are added. Challenge conversions were done relative to the popularity of the challenge based on usage.


*Determination of release wave and alteration level coming soon.
**Will be re-released in a second wave on January 26th, 2022. Challenges re-released in the second wave will be unavailable for use between the first and second re-release wave.


-- Published December 2021




If you wish to use the NICE Challenges and don't yet have a Curator account on our Webportal (currently limited to faculty/staff at U.S. educational institutions), use the link below to access our website and fill out the sign-up form to get started. We are always looking for feedback on our work!


As always, thank you for your interest! All of us in the NICE Challenge Development Team look forward to working with you to make the best platform, environments, and challenges to enable the cybersecurity workforce of the future.


NICE Challenge Project Links...

NICE Challenge Project Website - https://www.nice-challenge.com
NICE Challenge Webportal - https://portal.nice-challenge.com
NICE Challenge Helpdesk - https://nicechallenge.freshdesk.com