Cyber operations is about the configuration, defense, and attack of real systems. Publicly known vulnerabilities in deployed systems are patched, though perhaps not as rapidly as the security might hope. Any publicly known vulnerabilities that might be exploited in currently deployed systems are necessarily 0-days. In contrast, older systems can be attacked using a range of exploits that are known today, but were unknown when the systems were deployed. Thus, this book focuses on systems that were deployed between 2008 and 2013.
To configure, attack, and defend systems, a testing laboratory is required. Such ...