Category Archives: NCDC13 Clarifications

Scenario and Rule clarifications for the 2013 National Cyber Defense Competition.

Can we use a non-Windows solution to act as a Domain Controller?

You can try using another system to emulate a Windows DC if you wish. Please understand that there is a risk for you to do this. We have only tested our service scanner against a Windows AD, so if there is some quirk with your non-windows based solution that causes the service scanner not to register it, that will be something you will be responsible for.

As mentioned in the Scenario, your system will not only need to be able to bind via LDAP, but also need to issue Kerberos tickets in tandem.

Again, even if it works in your testing but not with our scanner, it’s on you to fix.

Can we replace the payroll application with a completely different software solution?


Replacing the payroll application with another existing solution or scratching it and writing it from the ground up are not viable options for the purposes of this competition. Keep in mind we are trying to emulate a real IT department at a real company. Realistically you would not be able to come in a re-write all the company’s web apps. Even moving them to other existing solutions is not a trivial task, particularly for a payroll application.