A 360-lesson Linux and macOS terminal track from first commands to confident operator workflows.
Choose your Unix Lab mission path.
A 360-lesson Linux and macOS terminal track from first commands to confident operator workflows.
Build one layer at a time.
Follow the course order for a steady progression, or open any course when you need a focused refresher. Nothing is locked.
- 01 Terminal basics 34 lessons
- 02 Files and paths 36 lessons
- 03 Text and logs 38 lessons
- 04 Nano and editing 27 lessons
- 05 Permissions and users 33 lessons
- 06 Server operations 36 lessons
- 07 Security administration 35 lessons
- 08 Shell scripting 31 lessons
- 09 Networking 26 lessons
- 10 Package/process ops 20 lessons
- 11 Troubleshooting 26 lessons
- 12 Capstone labs 18 lessons
Orientation, paths, hidden files, and command history.
34 short lessons · 3 checkpoints 0/36 Files and pathsCreate, copy, move, remove, and find files.
36 short lessons · 2 checkpoints 0/38 Text and logsRead files, search logs, and use text pipelines.
38 short lessons · 4 checkpoints 0/27 Nano and editingUse simulated nano, edit config copies, and verify saved files.
27 short lessons · 3 checkpoints 0/33 Permissions and usersModes, owners, groups, and sensitive file review.
33 short lessons · 4 checkpoints 0/36 Server operationsProcesses, services, nginx validation, and capacity signals.
36 short lessons · 2 checkpoints 0/35 Security administrationIdentity, sudo boundaries, SSH hardening, firewall rules, and review notes.
35 short lessons · 7 checkpoints 0/31 Shell scriptingScript reading, safe guards, text helpers, logging, and review habits.
31 short lessons · 5 checkpoints 0/26 NetworkingAddresses, routes, listeners, firewall context, DNS files, and SSH dry runs.
26 short lessons · 2 checkpoints 0/20 Package/process opsPackage metadata, package logs, process snapshots, and signal language.
20 short lessons · 4 checkpoints 0/26 TroubleshootingA repeatable triage loop across resources, logs, services, network, and packages.
26 short lessons · 2 checkpoints 0/18 Capstone labsIntegrated junior-operator reviews that combine evidence, notes, and validation.
18 short lessons · 18 checkpointsKeep learning across sessions.
Create a free account to sync completed lessons, XP, streaks, course status, and your next lesson across sessions.
Checking account status...
Progress sync is idle.
Progress sync stores completion IDs, scores, streaks, badges, and game settings. Terminal contents, editor snippets, lab scratch, email, and real names are never published on leaderboards or share cards.
Short missions for terminal confidence.
Map the training server, learn where you are, and move through directories.
Beginner 02 Terminal basics Paths and shortcutsPractice absolute paths, relative paths, dot, dot-dot, and home shortcuts.
Beginner 03 Terminal basics Hidden filesUse long and all listings to reveal dotfiles and read shell startup notes.
Beginner 04 Terminal basics Command historyRun a few safe commands, review history, and clear the display without resetting state.
Beginner 05 Files and paths FilesCreate folders and files, then copy, move, and remove lab files carefully.
Beginner 06 Files and paths Copy and moveDuplicate and rename project files while checking paths before and after.
Beginner 07 Files and paths Safe deletionRemove a single lab file and learn why wildcards, root, and force deletes are blocked.
Beginner 08 Files and paths Find filesSearch the simulated filesystem by root and filename pattern.
Beginner 09 Text and logs Viewing textOpen text, search logs, and inspect output without editing files.
Beginner 10 Text and logs Grep practiceSearch literal text in logs and practice case-insensitive matching.
Beginner 11 Text and logs Log triageInspect access, error, auth, and service logs in a cautious order.
Beginner 12 Text and logs Text pipelinesUse safe simulated pipes to count, sort, and deduplicate text output.
Beginner 13 Nano and editing Editing with nanoOpen the simulated nano editor, save a text file, and verify your change.
Beginner 14 Nano and editing Editing config notesCopy a system config into your lab, edit it safely, and compare the result.
Beginner 15 Nano and editing Edit and verifyCreate a runbook, count its lines, and inspect metadata after saving.
Beginner 16 Permissions and users PermissionsRead and change simulated modes and ownership without risking real files.
Beginner 17 Permissions and users Owners and groupsPractice simulated chown and chgrp changes while checking account context.
Beginner 18 Permissions and users Permission reviewReview sensitive training SSH and web files with long listings and metadata.
Beginner 19 Server operations Server adminInspect simulated processes, services, and web server config like a cautious admin.
Beginner 20 Server operations Service inspectionCompare simulated service status and journal output before taking action.
Beginner 21 Server operations Nginx validationRead training nginx config and validate it without making real server changes.
Core 22 Server operations Resource inspectionRead simulated disk, memory, uptime, and directory usage signals.
Core 23 Security administration Security adminPractice security habits: identity, logs, firewall rules, and simulated sudo.
Core 24 Security administration SSH hardeningRead training SSH settings and confirm safer defaults without connecting anywhere.
Core 25 Security administration Firewall and incident reviewInspect firewall state, add a simulated rule, and write a short incident note.
Core Checkpoint 26 Terminal basics Manual pagesUse simulated manual pages to learn command intent before running tools.
Core 27 Terminal basics Command locationsUse which to understand how shells find commands.
Core 28 Terminal basics Environment variablesInspect a simulated environment without exposing real browser or server secrets.
Core 29 Terminal basics System identityInspect simulated kernel, hostname, and clock output.
Core 30 Terminal basics Identity contextUse identity commands before interpreting permissions and logs.
Core 31 Terminal basics Option patternsCompare short flags and long listings in a safe directory.
Core 32 Terminal basics Safe movementMove between root, etc, and home while checking location.
Core 33 Terminal basics Quoted pathsCreate and list a path that contains a space.
Core 34 Terminal basics Output redirectionWrite simple command output into a safe lab file.
Core 35 Terminal basics Reset the labSee the difference between local changes and resetting the lab environment.
Core 36 Files and paths Directory size mapCombine find, du, and df to reason about storage safely.
Core 37 Files and paths Symbolic linksCreate and inspect a simulated symbolic link.
Core 38 Files and paths Archive basicsCreate and list a simulated tar archive.
Core 39 Files and paths File differencesCompare two training config files before editing either one.
Core 40 Files and paths ChecksumsUse deterministic training hashes to verify file identity.
Core 41 Files and paths Rename workflowCreate a report draft and rename it safely.
Core 42 Files and paths Wildcard safetySee why broad delete patterns are blocked in the lab.
Core 43 Files and paths Path normalizationUse dot and dot-dot safely without leaving the simulated filesystem.
Core 44 Files and paths Script metadataInspect and update simulated script permissions.
Core 45 Files and paths SSH file layoutInspect common SSH files without making any network connection.
Core 46 Files and paths Scratch workspaceCreate a temporary lab area inside home and clean one file safely.
Core 47 Text and logs Paging logsUse less, head, and tail to read logs in chunks.
Core 48 Text and logs Case-insensitive searchFind text regardless of capitalization.
Core 49 Text and logs Pipeline countsFilter logs through safe text pipelines.
Core 50 Text and logs Port text reviewRead, sort, and count a training port list.
Core Checkpoint 51 Text and logs Config text compareUse grep and diff to compare two config snapshots.
Core 52 Text and logs Journal windowsRead only the last few simulated journal lines.
Core 53 Text and logs Kernel log basicsInspect simulated kernel messages for mount and network clues.
Core 54 Text and logs Package log basicsInspect simulated package activity without installing anything.
Core 55 Text and logs Access log reviewFilter training HTTP access lines for status and method clues.
Core 56 Text and logs Error patternsSearch different logs for warning and denied patterns.
Core 57 Text and logs Redaction notesWrite a safe note that marks sensitive data as redacted.
Core 58 Nano and editing Nano runbookCreate a small operational runbook in simulated nano.
Core 59 Nano and editing Nano SSH config copyCopy SSH config to the lab and inspect it after opening nano.
Core 60 Nano and editing Nano env exampleCreate a simulated env example without storing real secrets.
Core 61 Nano and editing Nano nginx commentOpen a copied nginx config and validate the training server config.
Admin 62 Nano and editing Nano permission noteWrite a permission review note and set a private mode.
Admin 63 Nano and editing Nano replace reviewStart with redirected text, then review it in nano.
Admin 64 Nano and editing Nano config backupBack up a config copy before editing it.
Admin 65 Nano and editing Nano service notesWrite service review notes and compare them with service status.
Admin 66 Nano and editing Nano incident timelineWrite a timeline and compare it with SSH journal entries.
Admin 67 Nano and editing Nano checklistCreate a checklist and search it for a completion marker.
Admin 68 Permissions and users Numeric modesSet and inspect numeric file modes.
Admin 69 Permissions and users Directory modesReview why private directories use tighter modes.
Admin 70 Permissions and users Owner reviewChange simulated owner and group labels on a web file.
Admin 71 Permissions and users Passwd and group filesRead training account and group records.
Admin 72 Permissions and users Sudoers reviewRead a simulated sudoers drop-in without granting power.
Admin 73 Permissions and users Public and private filesCompare web-readable and private-note permissions.
Admin 74 Permissions and users Protected pathsTry a blocked system delete and inspect the protected file.
Admin 75 Permissions and users Group collaborationCreate a shared lab note and set group-oriented metadata.
Admin Checkpoint 76 Permissions and users Temporary directory conceptInspect simulated /tmp and keep scratch work inside home.
Admin 77 Permissions and users Executable scriptsRead and mark a training deploy script executable.
Admin 78 Permissions and users Sensitive path auditFind and inspect sensitive configuration paths.
Admin 79 Server operations Host network viewInspect simulated hostname, addresses, and listening sockets.
Admin 80 Server operations Service listList simulated units and check nginx activity.
Admin 81 Server operations Service filesInspect simulated unit files and journals together.
Admin 82 Server operations Nginx site mapInspect training nginx site layout and run a config test.
Admin 83 Server operations Ports and processesCompare simulated listener and process views.
Admin 84 Server operations Resource baselineRead simulated disk, memory, and load indicators together.
Admin 85 Server operations Log disk reviewEstimate simulated log size and list log files.
Admin 86 Server operations Deploy script reviewRead, hash, and inspect a training deploy script.
Admin 87 Server operations Service failure reviewInspect a simulated inactive backup service.
Admin 88 Server operations Config test loopCopy, open, and test nginx configuration safely.
Admin 89 Server operations Scheduled tasksInspect simulated cron configuration and related logs.
Admin 90 Security administration Auth log reviewSearch training SSH activity for accepted and denied attempts.
Admin 91 Security administration Firewall baselineInspect and update simulated firewall rules with caution.
Admin 92 Security administration SSH config reviewVerify key SSH hardening settings.
Admin 93 Security administration Least privilege reviewInspect identity and simulated sudo boundaries.
Admin 94 Security administration Incident noteWrite a short lab incident note from log evidence.
Admin 95 Security administration Exposed servicesCompare listeners, firewall rules, and nginx config.
Admin 96 Security administration Web hardeningInspect training nginx API blocking and CSP headers.
Admin 97 Security administration Script trust reviewHash and compare a training deployment script before trusting it.
Admin 98 Security administration Log retention reviewReview log size and line counts before cleanup decisions.
Admin 99 Security administration Account hygieneReview training accounts and root presence safely.
Admin 100 Security administration Final incident reviewPull together logs, firewall state, and a final review note.
Admin Checkpoint 101 Terminal basics Printf formattingUse printf for predictable terminal output.
Core 102 Terminal basics Path componentsSplit paths into filenames and directories.
Core 103 Terminal basics Link targetsCreate and inspect a symbolic link target.
Core 104 Terminal basics Existence checksUse test to reason about files and directories.
Core 105 Terminal basics Command composition reviewCombine printing, tee, and reading a local note.
Core Checkpoint 106 Terminal basics Terminal checkpointReview location, identity, and command memory.
Capstone Checkpoint 107 Files and paths Delimited file fieldsUse cut to extract fields from account records.
Core 108 Files and paths Structured file fieldsCompare awk and cut views of structured text.
Core 109 Files and paths Bulk name reviewUse xargs and basename to review path lists.
Advanced 110 Files and paths Path reportingBuild a small report from path helper commands.
Advanced 111 Files and paths Filesystem checkpointVerify archive, checksum, and search habits.
Capstone Checkpoint 112 Text and logs Sed substitutionPreview text replacement without editing a log.
Core 113 Text and logs Awk column extractionUse awk to pull simple columns from logs.
Core 114 Text and logs Cut field selectionExtract colon-delimited identity fields.
Core 115 Text and logs Text case transformsTransform piped text with tr.
Core 116 Text and logs Capture with teeCapture pipeline output to a lab note.
Advanced 117 Text and logs Xargs bridgeTurn text into safe command arguments.
Advanced 118 Text and logs Text pipeline checkpointCombine search, field extraction, transform, and counting.
Capstone Checkpoint 119 Nano and editing Nano script stubOpen a script draft and review its executable metadata.
Admin 120 Nano and editing Nano cron noteWrite a note after inspecting scheduled tasks.
Admin 121 Nano and editing Nano network notePair socket inspection with an operator note.
Admin 122 Nano and editing Nano package noteInspect package metadata and record a review.
Admin 123 Nano and editing Editing checkpoint runbookCreate a final mini-runbook and verify it.
Capstone Checkpoint 124 Permissions and users Test file typesCheck file and directory types before changing modes.
Admin 125 Permissions and users Sticky bit reviewInspect shared temporary directory metadata.
Admin Checkpoint 126 Permissions and users Script private modeSet strict metadata on a script draft.
Admin 127 Permissions and users Ownership auditCompare service account ownership across web files.
Advanced 128 Permissions and users Link permission reviewReview link metadata and target permissions together.
Advanced 129 Permissions and users Permissions checkpointReview modes, groups, ownership, and sensitive paths.
Capstone Checkpoint 130 Server operations Top process viewRead a simulated top snapshot before deeper process checks.
Admin 131 Server operations Signal simulationPractice signal language without stopping anything.
Admin 132 Server operations Open files and listenersUse lsof to relate sockets to services.
Admin 133 Server operations Mount and block devicesInspect simulated mounts and block devices.
Admin 134 Server operations Operations checkpointPull process, service, storage, and log signals together.
Capstone Checkpoint 135 Security administration SSH dry runInspect SSH client configuration without connecting.
Admin 136 Security administration SSH key fingerprintRead a simulated key fingerprint.
Admin 137 Security administration SCP dry runUnderstand copy shape without network transfer.
Admin 138 Security administration Package security reviewInspect package metadata during a security review.
Advanced 139 Security administration Auth config checkpointReview SSH, identity, firewall, and notes.
Capstone Checkpoint 140 Security administration Hardening summarySummarize posture from logs, config, and service exposure.
Capstone Checkpoint 141 Shell scripting Script shebang reviewRead a script header and metadata before execution.
Advanced 142 Shell scripting Script-style outputUse printf to create predictable script output.
Advanced 143 Shell scripting Test guardsUse test commands as script-style guards.
Advanced 144 Shell scripting Basename in scriptsUse basename to report script inputs.
Advanced 145 Shell scripting Dirname in scriptsUse dirname to reason about script paths.
Advanced 146 Shell scripting Sed config previewPreview config text replacement as a script step.
Advanced 147 Shell scripting Awk reportsBuild a small report from fields.
Advanced 148 Shell scripting Cut in scriptsExtract account fields for script-style checks.
Advanced 149 Shell scripting Normalize textNormalize labels before comparing output.
Advanced 150 Shell scripting Tee script logsCapture command output as a script log.
Advanced Checkpoint 151 Shell scripting Xargs reviewUse xargs for safe argument shaping.
Advanced 152 Shell scripting Script execution modeSet executable bits only after review.
Advanced 153 Shell scripting Script diff reviewCompare config snapshots as a script review habit.
Advanced 154 Shell scripting Script checksum reviewHash scripts and compare notes before trusting them.
Advanced 155 Shell scripting Shell scripting checkpointComplete a mini script-review workflow.
Capstone Checkpoint 156 Networking IP address reviewInspect interface addresses and routes.
Advanced 157 Networking Socket listening reviewRead listener state with ss.
Advanced 158 Networking Lsof network reviewUse lsof to map listeners to services.
Advanced 159 Networking SSH config dry runResolve SSH client config without connecting.
Advanced 160 Networking SSH versionRead client version and server settings.
Advanced 161 Networking SCP planPreview secure-copy command shape without transfer.
Advanced 162 Networking DNS file reviewInspect resolver configuration as text.
Advanced 163 Networking Hosts file reviewInspect local host mappings.
Advanced 164 Networking Firewall service matchCompare firewall rules with service listeners.
Advanced 165 Networking Port inventory textNormalize and count port inventory text.
Advanced 166 Networking Network log grepSearch logs for link and access clues.
Advanced 167 Networking Interface baselineRecord a basic network baseline.
Advanced 168 Networking Listener baselineCapture and inspect listener baseline output.
Advanced 169 Networking SSH key contextConnect key fingerprints to SSH client config.
Advanced 170 Networking Networking checkpointTie addresses, listeners, firewall, and SSH config together.
Capstone Checkpoint 171 Package/process ops APT installed packagesList simulated installed Linux packages.
Advanced 172 Package/process ops APT package detailsInspect simulated package policy and metadata.
Advanced 173 Package/process ops DPKG package listUse dpkg to review installed package records.
Advanced 174 Package/process ops DPKG filesList simulated files owned by a package.
Advanced 175 Package/process ops DPKG status reviewConnect package status to logs.
Advanced Checkpoint 176 Package/process ops Brew listPractice macOS-style package inspection.
Advanced 177 Package/process ops Brew info reviewCompare brew info with Linux package logs.
Advanced 178 Package/process ops Pgrep process lookupFind simulated process IDs by name.
Advanced 179 Package/process ops Top reviewUse top and ps for process snapshots.
Advanced 180 Package/process ops Package and process checkpointReview packages, process state, and recent package logs.
Capstone Checkpoint 181 Troubleshooting Triage baselineStart troubleshooting with system, service, and capacity facts.
Advanced 182 Troubleshooting Failed service drillInspect an inactive service without restarting it.
Advanced 183 Troubleshooting Log correlationSearch multiple logs for related clues.
Advanced 184 Troubleshooting Config diff triageCompare configs before guessing at a routing issue.
Advanced 185 Troubleshooting Disk pressure reviewUse disk and log size commands in triage.
Advanced 186 Troubleshooting Permission denied triageInspect identity and file metadata before changing modes.
Advanced 187 Troubleshooting Network listener triageCompare sockets, firewall, and config.
Advanced 188 Troubleshooting Package change triageUse package logs to explain recent changes.
Advanced 189 Troubleshooting Rollback noteWrite a rollback note from evidence.
Advanced 190 Troubleshooting Troubleshooting checkpointComplete a focused triage loop.
Capstone Checkpoint 191 Capstone labs Capstone orientationStart the final operator lab by mapping host, identity, and filesystem.
Capstone Checkpoint 192 Capstone labs Capstone log sweepSweep auth, nginx, and package logs for evidence.
Capstone Checkpoint 193 Capstone labs Capstone service mapMap service status, units, and listeners.
Capstone Checkpoint 194 Capstone labs Capstone web configReview and validate web server config.
Capstone Checkpoint 195 Capstone labs Capstone permission auditAudit SSH, web, and private note permissions.
Capstone Checkpoint 196 Capstone labs Capstone network auditReview address, route, firewall, and SSH client config.
Capstone Checkpoint 197 Capstone labs Capstone package auditReview package state and process state together.
Capstone Checkpoint 198 Capstone labs Capstone incident runbookWrite an incident runbook from gathered evidence.
Capstone Checkpoint 199 Capstone labs Capstone hardening reviewTie hardening settings to exposure and identity.
Capstone Checkpoint 200 Capstone labs Final operator checkComplete the UNIX operator final review.
Capstone Checkpoint 201 Terminal basics Manual depth reviewUse manual pages and command paths before running unfamiliar tools.
Core 202 Terminal basics Option reading habitsCompare option-heavy commands without changing state.
Core 203 Terminal basics Terminal recoveryRecover orientation after clearing output or getting lost.
Core 204 Terminal basics Quoted path habitsUse quotes when filenames contain spaces.
Core 205 Files and paths Backup manifest reviewRead a backup manifest before touching archive files.
Admin 206 Files and paths Backup archive createCreate and list a small training backup archive.
Admin 207 Files and paths Restore drillRestore into a review folder before touching live paths.
Admin 208 Files and paths Archive verificationList archive contents and compare checksums before trusting a backup.
Admin 209 Files and paths Checksum compareHash source and restored files to confirm they match.
Admin 210 Files and paths Symlink inventoryCreate, read, and inspect links before relying on them.
Admin 211 Files and paths Glob safety previewList and find targets before deleting broad patterns.
Admin 212 Files and paths Temp cleanup reviewInspect temporary paths before cleanup decisions.
Admin 213 Text and logs Logrotate config reviewRead log rotation settings as text.
Admin 214 Text and logs Logrotate dry runDry-run log rotation without moving files.
Admin 215 Text and logs Journal time windowNarrow journal output before reading a whole service history.
Admin 216 Text and logs Evidence bundleCapture a focused evidence bundle into lab notes.
Admin 217 Text and logs Sed window previewPreview a small text window before searching a large file.
Admin 218 Text and logs Awk service summaryExtract service names from a baseline report.
Admin 219 Text and logs Access log triageSearch access logs for status and route signals.
Admin 220 Text and logs Retention evidence reviewCompare active and rotated logs before retention decisions.
Advanced 221 Nano and editing Nano config copyCopy config into lab before editing notes.
Admin 222 Nano and editing Nano rollback noteWrite rollback notes after reading evidence.
Admin 223 Nano and editing Nano nginx reviewPair nginx validation with an operator note.
Admin 224 Nano and editing Nano incident templateUse an incident template to structure review notes.
Admin 225 Nano and editing Nano service noteRecord service findings after inspecting unit state.
Admin Checkpoint 226 Permissions and users SSH directory auditReview SSH directory and file modes together.
Admin 227 Permissions and users Known hosts reviewInspect known_hosts as sensitive SSH context.
Admin 228 Permissions and users Service user ownershipCompare service users with files they serve.
Admin 229 Permissions and users Shared directory riskInspect shared directories before trusting their contents.
Admin 230 Permissions and users Sudoers readonly reviewRead a limited sudo rule without changing privileges.
Admin 231 Permissions and users Web root mode reviewSet and verify public web file permissions.
Admin 232 Permissions and users Group write riskSpot group ownership before changing modes.
Advanced 233 Permissions and users Least privilege auditReview identity, service ownership, and sensitive modes.
Advanced 234 Server operations Systemctl cat reviewRead service unit files before making assumptions.
Admin 235 Server operations Unit dependency readingRead service definitions and list units together.
Admin 236 Server operations Journal narrowingUse recent journal windows before scanning full logs.
Admin 237 Server operations Cron service reviewConnect cron service status, schedule, and logs.
Admin 238 Server operations Mount storage reviewCompare mounted filesystems and block-device inventory.
Admin 239 Server operations Nginx validate loopValidate config, read config, and compare a changed copy.
Admin 240 Server operations Resource baseline advancedBuild a resource baseline from uptime, memory, and disk.
Admin 241 Server operations Open file triageMap open sockets and processes to services.
Admin 242 Server operations Backup service noteInspect an inactive backup service and write a review marker.
Admin 243 Server operations Service failure notesRead failed service evidence without restarting anything.
Advanced 244 Server operations Mac service orientationCompare launchd-style inspection with systemd habits.
Advanced 245 Security administration SSH hardening deep reviewReview SSH config, key mode, and host identity.
Advanced 246 Security administration Firewall listener reconcileMatch exposed ports to firewall policy.
Advanced 247 Security administration Known host key contextReview SSH host identity without connecting.
Advanced 248 Security administration Sudo boundary reviewConfirm sudo is limited to safe inspection.
Advanced 249 Security administration Account inventory reviewInventory users, groups, and service accounts.
Advanced 250 Security administration Package security deep reviewConnect package state to recent package logs.
Advanced Checkpoint 251 Security administration Log redaction noteCapture evidence without copying more than needed.
Advanced 252 Security administration Hardening header reviewInspect web security header config and static API blocking.
Advanced 253 Security administration Service exposure noteWrite a short exposure review from listener evidence.
Advanced 254 Security administration Security evidence checkpointTie identity, SSH, firewall, and logs into a review.
Capstone Checkpoint 255 Shell scripting Shebang readingInspect script interpreter declarations before execution.
Admin 256 Shell scripting Set eu reviewRecognize strict-mode style script guards.
Admin 257 Shell scripting Script guard checksCheck required files before script-style work.
Admin 258 Shell scripting Script log captureCapture script-style output into a log file.
Admin 259 Shell scripting Path helper script reviewUse basename and dirname as script building blocks.
Admin 260 Shell scripting Config diff scriptReview config drift with diff and grep.
Admin 261 Shell scripting Argument shape reviewUse xargs only for safe argument shaping.
Advanced 262 Shell scripting Executable bit reviewSet executable mode only after reading a script.
Advanced 263 Shell scripting Checksum before runHash scripts and read notes before trusting them.
Advanced 264 Shell scripting Shell expanded checkpointComplete a script review from guards to logs.
Capstone Checkpoint 265 Networking Route readingRead IP address and route information together.
Admin 266 Networking DNS hosts comparisonCompare resolver and hosts file context.
Admin 267 Networking Listener ownershipMap listeners to processes and service state.
Admin 268 Networking Firewall port inventoryCompare firewall rules to a port inventory file.
Admin 269 Networking SSH dry-run reviewResolve SSH config and key context without connecting.
Admin 270 Networking SCP transfer planPlan a copy command without opening a network connection.
Admin 271 Networking Interface evidence captureCapture interface and route evidence into lab notes.
Admin 272 Networking Network incident logsSearch kernel and access logs for network clues.
Advanced 273 Package/process ops APT DPKG Brew compareCompare Linux and macOS package inspection tools.
Admin 274 Package/process ops Package file ownershipMap package names to owned files.
Admin 275 Package/process ops Package status log correlationConnect package status output to package logs.
Admin Checkpoint 276 Package/process ops Process lookup drillFind process IDs and compare snapshots.
Admin 277 Package/process ops Signal choice reviewRecord signal intent without stopping anything.
Admin 278 Package/process ops Top ps snapshotCompare top and ps output before acting.
Admin 279 Package/process ops Package change evidenceFind package changes and capture an evidence note.
Advanced 280 Package/process ops Package process expanded checkpointTie package inventory, process state, and logs together.
Capstone Checkpoint 281 Troubleshooting Incident website downTriage a simulated website outage from service, config, and logs.
Advanced 282 Troubleshooting Incident disk fillingUse disk and log evidence for storage triage.
Advanced 283 Troubleshooting Incident bad deployCompare configs and hash scripts during deploy triage.
Advanced 284 Troubleshooting Incident unknown listenerMap a listener to process and firewall evidence.
Advanced 285 Troubleshooting Incident permission deniedInspect identity and modes before changing permissions.
Advanced 286 Troubleshooting Incident suspicious loginSearch auth evidence and SSH policy together.
Advanced 287 Troubleshooting Incident package regressionReview package upgrade evidence during triage.
Advanced 288 Troubleshooting Incident cron failureConnect cron schedule, service, and logs.
Advanced 289 Troubleshooting Incident backup inactiveTriage inactive backup state and manifest context.
Advanced 290 Troubleshooting Incident nginx config mismatchCompare active config and expected config examples.
Advanced 291 Troubleshooting Incident resource spikeBuild a resource snapshot before blaming a process.
Advanced 292 Troubleshooting Incident rollback evidenceCapture rollback evidence before writing a note.
Advanced 293 Troubleshooting Incident evidence bundleCollect service, log, and network evidence in one drill.
Advanced 294 Troubleshooting Final triage loopComplete a full triage loop with evidence and a final marker.
Capstone Checkpoint 295 Capstone labs Capstone website outageInvestigate a website outage using service, config, logs, and listeners.
Capstone Checkpoint 296 Capstone labs Capstone disk pressureInvestigate disk pressure and log retention evidence.
Capstone Checkpoint 297 Capstone labs Capstone suspicious loginReview auth evidence, SSH policy, firewall state, and notes.
Capstone Checkpoint 298 Capstone labs Capstone bad deployReview deployment script, config diff, nginx validation, and rollback notes.
Capstone Checkpoint 299 Capstone labs Capstone unknown listenerReconcile listeners, process owners, firewall, and service state.
Capstone Checkpoint 300 Capstone labs Capstone backup restore reviewReview backup manifest, archive, restored file, and checksum evidence.
Capstone Checkpoint 301 Terminal basics Command anatomy reviewSeparate a command name, its options, and its target before pressing Enter.
Beginner 302 Terminal basics Option reading drillUse help output before applying search options to a log.
Beginner 303 Terminal basics Quoted paths with spacesUse quotes so a path containing spaces remains one argument.
Core 304 Terminal basics Escaped spacesUse a backslash to keep an escaped space inside one path argument.
Core 305 Terminal basics Builtins and executable pathsCompare shell builtins with commands found on PATH.
Core 306 Terminal basics Output capture contractPrint a predictable marker, capture it, and read it back.
Core 307 Terminal basics Absolute and relative path reportResolve relative names into full canonical paths.
Core 308 Terminal basics Help before changeBuild the habit of reading command guidance and current metadata first.
Core 309 Terminal basics Terminal recovery sequenceReorient, review recent work, and clear the display without losing state.
Core 310 Terminal basics Terminal foundations bridgeCheckpoint command lookup, path resolution, output capture, and history.
Capstone Checkpoint 311 Files and paths File type inspectionIdentify files, directories, links, and text before acting on them.
Core 312 Files and paths Canonical path reviewTurn relative and linked paths into stable absolute locations.
Core 313 Files and paths Temporary workspacesCreate bounded temporary files and directories for disposable work.
Core 314 Files and paths Sorted inventory comparisonCompare two sorted account inventories without modifying either file.
Core 315 Files and paths Restore copy verificationCopy a restore candidate and compare it with its source.
Admin 316 Files and paths Symlink chain auditCreate a link, inspect its stored target, and resolve the final path.
Admin 317 Files and paths Archive manifest workflowCreate an archive, list its members, and hash the artifact.
Admin 318 Files and paths Files and paths bridgeCheckpoint file type, canonical path, inventory comparison, and integrity checks.
Capstone Checkpoint 319 Text and logs Numbered log readingAdd stable line numbers to a short authentication-log view.
Core 320 Text and logs Sorted account diffUse comm to separate shared and unique account names.
Core 321 Text and logs Journal line numberingNumber a narrowed service journal so evidence is easy to reference.
Admin 322 Text and logs Three-stage evidence pipelineSearch, number, and limit log evidence in one bounded pipeline.
Admin 323 Text and logs Config substitution previewPreview a port substitution and compare it with the unchanged source.
Admin 324 Text and logs Rotated access comparisonCompare active and rotated access logs before summarizing traffic.
Admin 325 Text and logs Incident template numberingNumber a runbook template so collaborators can reference exact fields.
Admin Checkpoint 326 Text and logs Text evidence bridgeCheckpoint numbered logs, sorted comparisons, and bounded pipelines.
Capstone Checkpoint 327 Nano and editing Nano search workflowCreate a structured note and verify a marker after saving.
Core 328 Nano and editing Nano config-copy editEdit a disposable config copy and compare it with the original.
Admin 329 Nano and editing Nano recovery noteWrite a rollback-oriented note and verify every required field.
Admin 330 Nano and editing Nano editing bridgeCheckpoint search, save, verification, and recovery-note habits.
Capstone Checkpoint 331 Permissions and users Directory traversal modesSet and inspect a directory mode that supports controlled traversal.
Admin 332 Permissions and users Shared group directoryPrepare a group-owned workspace and inspect its collaboration mode.
Admin 333 Permissions and users SSH mode matrixCompare directory and key-file modes used by an SSH account.
Admin 334 Permissions and users Service account ownershipRelate a web file owner to the identity used by its service.
Admin 335 Permissions and users Least privilege bridgeCheckpoint ownership, group assignment, and minimum useful modes.
Capstone Checkpoint 336 Server operations Unit file readingRead a service definition before interpreting its runtime state.
Admin 337 Server operations Service state triangulationCompare status, active state, and journal evidence for one service.
Admin 338 Server operations Mount and capacity correlationConnect mounted filesystems, block devices, and available space.
Admin 339 Server operations Scheduled service evidenceRelate a user schedule to cron service state and log entries.
Admin 340 Server operations Server operations bridgeCheckpoint unit, journal, process, and storage evidence.
Capstone Checkpoint 341 Security administration SSH client and server policyCompare resolved client settings with server authentication policy.
Admin 342 Security administration Known-hosts hygieneInspect stored host identities alongside a key fingerprint.
Admin 343 Security administration Exposed service inventoryCompare listeners, firewall policy, and enabled service units.
Advanced 344 Security administration Privileged boundary reviewRead the simulated sudo boundary and verify the target service action is inspection-only.
Advanced 345 Security administration Security administration bridgeCheckpoint SSH policy, identity, listeners, and firewall evidence.
Capstone Checkpoint 346 Shell scripting Script input guardUse test checks to prove required files and directories exist.
Admin 347 Shell scripting Quoted argument reviewPreserve a multi-word value while capturing predictable output.
Admin 348 Shell scripting Predictable output contractCreate machine-readable status lines and verify their shape.
Admin 349 Shell scripting Script path resolutionResolve script paths and report their directory and basename.
Admin 350 Shell scripting Script change reviewCompare configuration snapshots and record a review marker.
Advanced Checkpoint 351 Shell scripting Shell workflow bridgeCheckpoint guards, path handling, output contracts, and change review.
Capstone Checkpoint 352 Networking Local name resolutionCompare hostname, hosts-file, and resolver configuration evidence.
Admin 353 Networking Route listener firewall correlationRead the route, active listeners, and firewall policy as one network baseline.
Advanced 354 Networking Networking bridgeCheckpoint name resolution, routes, listeners, and SSH client context.
Capstone Checkpoint 355 Package/process ops Package origin reviewCompare installed package metadata with package-owned files and change logs.
Admin 356 Package/process ops Process signal evidenceIdentify a process, inspect the snapshot, and record a simulated signal.
Admin 357 Troubleshooting DNS and service triageSeparate local name-resolution evidence from web-service health.
Advanced 358 Troubleshooting Permission regression triageEstablish identity and metadata before applying a narrow repair.
Advanced 359 Capstone labs Capstone multi-signal outageCorrelate service, config, journal, listener, and capacity evidence for an outage.
Capstone Checkpoint 360 Capstone labs Capstone verified restoreStage, compare, archive, and hash a restored web artifact.
Capstone Checkpoint