Courses

Choose your Unix Lab mission path.

A 360-lesson Linux and macOS terminal track from first commands to confident operator workflows.

Track progress 0/360 lessons 0/17 missions 12 courses
0%
Continue View profile
Active track
UNIX terminal operator

A 360-lesson Linux and macOS terminal track from first commands to confident operator workflows.

360 lessons 12 categories 56 checkpoints
All lessons

Short missions for terminal confidence.

01 Terminal basics Navigation

Map the training server, learn where you are, and move through directories.

Beginner 8 minutes · pwd, ls, cd, cat
02 Terminal basics Paths and shortcuts

Practice absolute paths, relative paths, dot, dot-dot, and home shortcuts.

Beginner 7 minutes · cd, pwd, ls
03 Terminal basics Hidden files

Use long and all listings to reveal dotfiles and read shell startup notes.

Beginner 7 minutes · ls -la, cat, stat
04 Terminal basics Command history

Run a few safe commands, review history, and clear the display without resetting state.

Beginner 6 minutes · echo, history, clear
05 Files and paths Files

Create folders and files, then copy, move, and remove lab files carefully.

Beginner 10 minutes · mkdir, touch, cp, mv, rm, find
06 Files and paths Copy and move

Duplicate and rename project files while checking paths before and after.

Beginner 8 minutes · cp, mv, ls, cat
07 Files and paths Safe deletion

Remove a single lab file and learn why wildcards, root, and force deletes are blocked.

Beginner 8 minutes · touch, rm, ls
08 Files and paths Find files

Search the simulated filesystem by root and filename pattern.

Beginner 8 minutes · find, ls, stat
09 Text and logs Viewing text

Open text, search logs, and inspect output without editing files.

Beginner 9 minutes · cat, head, tail, grep, stat
10 Text and logs Grep practice

Search literal text in logs and practice case-insensitive matching.

Beginner 8 minutes · grep, cat
11 Text and logs Log triage

Inspect access, error, auth, and service logs in a cautious order.

Beginner 9 minutes · tail, journalctl, grep
12 Text and logs Text pipelines

Use safe simulated pipes to count, sort, and deduplicate text output.

Beginner 9 minutes · echo, sort, uniq, wc
13 Nano and editing Editing with nano

Open the simulated nano editor, save a text file, and verify your change.

Beginner 10 minutes · nano, cat, stat
14 Nano and editing Editing config notes

Copy a system config into your lab, edit it safely, and compare the result.

Beginner 10 minutes · cp, nano, grep, cat
15 Nano and editing Edit and verify

Create a runbook, count its lines, and inspect metadata after saving.

Beginner 9 minutes · nano, wc, stat, cat
16 Permissions and users Permissions

Read and change simulated modes and ownership without risking real files.

Beginner 11 minutes · ls -l, chmod, chown, stat
17 Permissions and users Owners and groups

Practice simulated chown and chgrp changes while checking account context.

Beginner 9 minutes · whoami, groups, chgrp, stat
18 Permissions and users Permission review

Review sensitive training SSH and web files with long listings and metadata.

Beginner 9 minutes · ls -l, stat, grep
19 Server operations Server admin

Inspect simulated processes, services, and web server config like a cautious admin.

Beginner 12 minutes · ps, systemctl, cat, grep
20 Server operations Service inspection

Compare simulated service status and journal output before taking action.

Beginner 9 minutes · systemctl, journalctl, tail
21 Server operations Nginx validation

Read training nginx config and validate it without making real server changes.

Core 9 minutes · cat, grep, nginx -t
22 Server operations Resource inspection

Read simulated disk, memory, uptime, and directory usage signals.

Core 8 minutes · df, du, free, uptime
23 Security administration Security admin

Practice security habits: identity, logs, firewall rules, and simulated sudo.

Core 12 minutes · whoami, id, groups, ufw, sudo, grep
24 Security administration SSH hardening

Read training SSH settings and confirm safer defaults without connecting anywhere.

Core 9 minutes · grep, cat, journalctl
25 Security administration Firewall and incident review

Inspect firewall state, add a simulated rule, and write a short incident note.

Core Checkpoint 10 minutes · ufw, grep, echo, cat
26 Terminal basics Manual pages

Use simulated manual pages to learn command intent before running tools.

Core 6 minutes · man, help
27 Terminal basics Command locations

Use which to understand how shells find commands.

Core 6 minutes · which
28 Terminal basics Environment variables

Inspect a simulated environment without exposing real browser or server secrets.

Core 7 minutes · env, echo, pwd
29 Terminal basics System identity

Inspect simulated kernel, hostname, and clock output.

Core 6 minutes · uname, hostname, date
30 Terminal basics Identity context

Use identity commands before interpreting permissions and logs.

Core 6 minutes · whoami, id, groups
31 Terminal basics Option patterns

Compare short flags and long listings in a safe directory.

Core 7 minutes · ls, man
32 Terminal basics Safe movement

Move between root, etc, and home while checking location.

Core 7 minutes · cd, pwd
33 Terminal basics Quoted paths

Create and list a path that contains a space.

Core 8 minutes · mkdir, touch, ls
34 Terminal basics Output redirection

Write simple command output into a safe lab file.

Core 7 minutes · echo, cat
35 Terminal basics Reset the lab

See the difference between local changes and resetting the lab environment.

Core 6 minutes · touch, reset, ls
36 Files and paths Directory size map

Combine find, du, and df to reason about storage safely.

Core 8 minutes · find, du, df
37 Files and paths Symbolic links

Create and inspect a simulated symbolic link.

Core 8 minutes · mkdir, ln, stat
38 Files and paths Archive basics

Create and list a simulated tar archive.

Core 8 minutes · mkdir, tar
39 Files and paths File differences

Compare two training config files before editing either one.

Core 8 minutes · diff, cat
40 Files and paths Checksums

Use deterministic training hashes to verify file identity.

Core 7 minutes · sha256sum, cat
41 Files and paths Rename workflow

Create a report draft and rename it safely.

Core 8 minutes · mkdir, touch, mv
42 Files and paths Wildcard safety

See why broad delete patterns are blocked in the lab.

Core 7 minutes · find, rm, ls
43 Files and paths Path normalization

Use dot and dot-dot safely without leaving the simulated filesystem.

Core 7 minutes · stat, cd
44 Files and paths Script metadata

Inspect and update simulated script permissions.

Core 8 minutes · stat, chmod
45 Files and paths SSH file layout

Inspect common SSH files without making any network connection.

Core 7 minutes · ls, cat, stat
46 Files and paths Scratch workspace

Create a temporary lab area inside home and clean one file safely.

Core 8 minutes · mkdir, touch, rm
47 Text and logs Paging logs

Use less, head, and tail to read logs in chunks.

Core 8 minutes · less, head, tail
48 Text and logs Case-insensitive search

Find text regardless of capitalization.

Core 7 minutes · grep, wc
49 Text and logs Pipeline counts

Filter logs through safe text pipelines.

Core 8 minutes · cat, grep, wc, journalctl
50 Text and logs Port text review

Read, sort, and count a training port list.

Core Checkpoint 7 minutes · sort, uniq, wc, tail
51 Text and logs Config text compare

Use grep and diff to compare two config snapshots.

Core 8 minutes · diff, grep
52 Text and logs Journal windows

Read only the last few simulated journal lines.

Core 7 minutes · journalctl, tail
53 Text and logs Kernel log basics

Inspect simulated kernel messages for mount and network clues.

Core 7 minutes · head, grep, tail
54 Text and logs Package log basics

Inspect simulated package activity without installing anything.

Core 7 minutes · grep, tail, wc
55 Text and logs Access log review

Filter training HTTP access lines for status and method clues.

Core 7 minutes · grep, wc, tail
56 Text and logs Error patterns

Search different logs for warning and denied patterns.

Core 7 minutes · grep, journalctl
57 Text and logs Redaction notes

Write a safe note that marks sensitive data as redacted.

Core 7 minutes · echo, grep, cat
58 Nano and editing Nano runbook

Create a small operational runbook in simulated nano.

Core 9 minutes · mkdir, nano, cat
59 Nano and editing Nano SSH config copy

Copy SSH config to the lab and inspect it after opening nano.

Core 9 minutes · cp, nano, grep
60 Nano and editing Nano env example

Create a simulated env example without storing real secrets.

Core 8 minutes · nano, cat, stat
61 Nano and editing Nano nginx comment

Open a copied nginx config and validate the training server config.

Admin 9 minutes · cp, nano, nginx
62 Nano and editing Nano permission note

Write a permission review note and set a private mode.

Admin 8 minutes · nano, chmod, stat
63 Nano and editing Nano replace review

Start with redirected text, then review it in nano.

Admin 8 minutes · echo, nano, cat
64 Nano and editing Nano config backup

Back up a config copy before editing it.

Admin 9 minutes · cp, nano, diff
65 Nano and editing Nano service notes

Write service review notes and compare them with service status.

Admin 8 minutes · nano, systemctl, cat
66 Nano and editing Nano incident timeline

Write a timeline and compare it with SSH journal entries.

Admin 9 minutes · nano, journalctl, cat
67 Nano and editing Nano checklist

Create a checklist and search it for a completion marker.

Admin 8 minutes · nano, grep, cat
68 Permissions and users Numeric modes

Set and inspect numeric file modes.

Admin 8 minutes · chmod, stat, ls
69 Permissions and users Directory modes

Review why private directories use tighter modes.

Admin 7 minutes · chmod, stat, ls
70 Permissions and users Owner review

Change simulated owner and group labels on a web file.

Admin 8 minutes · chown, chgrp, stat
71 Permissions and users Passwd and group files

Read training account and group records.

Admin 7 minutes · cat, grep
72 Permissions and users Sudoers review

Read a simulated sudoers drop-in without granting power.

Admin 7 minutes · cat, grep
73 Permissions and users Public and private files

Compare web-readable and private-note permissions.

Admin 8 minutes · stat, chmod
74 Permissions and users Protected paths

Try a blocked system delete and inspect the protected file.

Admin 6 minutes · rm, stat, whoami
75 Permissions and users Group collaboration

Create a shared lab note and set group-oriented metadata.

Admin Checkpoint 8 minutes · mkdir, touch, chgrp, chmod
76 Permissions and users Temporary directory concept

Inspect simulated /tmp and keep scratch work inside home.

Admin 7 minutes · stat, ls, mkdir
77 Permissions and users Executable scripts

Read and mark a training deploy script executable.

Admin 8 minutes · cat, chmod, ls
78 Permissions and users Sensitive path audit

Find and inspect sensitive configuration paths.

Admin 7 minutes · find, stat
79 Server operations Host network view

Inspect simulated hostname, addresses, and listening sockets.

Admin 7 minutes · hostname, ip, ss
80 Server operations Service list

List simulated units and check nginx activity.

Admin 7 minutes · systemctl
81 Server operations Service files

Inspect simulated unit files and journals together.

Admin 8 minutes · systemctl, cat, journalctl
82 Server operations Nginx site map

Inspect training nginx site layout and run a config test.

Admin 8 minutes · ls, cat, nginx
83 Server operations Ports and processes

Compare simulated listener and process views.

Admin 7 minutes · ss, ps, grep
84 Server operations Resource baseline

Read simulated disk, memory, and load indicators together.

Admin 7 minutes · df, free, uptime
85 Server operations Log disk review

Estimate simulated log size and list log files.

Admin 7 minutes · du, find, tail
86 Server operations Deploy script review

Read, hash, and inspect a training deploy script.

Admin 8 minutes · cat, sha256sum, stat
87 Server operations Service failure review

Inspect a simulated inactive backup service.

Admin 8 minutes · systemctl, journalctl
88 Server operations Config test loop

Copy, open, and test nginx configuration safely.

Admin 9 minutes · cp, nano, nginx
89 Server operations Scheduled tasks

Inspect simulated cron configuration and related logs.

Admin 7 minutes · cat, grep, systemctl
90 Security administration Auth log review

Search training SSH activity for accepted and denied attempts.

Admin 8 minutes · journalctl, grep
91 Security administration Firewall baseline

Inspect and update simulated firewall rules with caution.

Admin 8 minutes · ufw
92 Security administration SSH config review

Verify key SSH hardening settings.

Admin 7 minutes · grep
93 Security administration Least privilege review

Inspect identity and simulated sudo boundaries.

Admin 7 minutes · whoami, groups, sudo
94 Security administration Incident note

Write a short lab incident note from log evidence.

Admin 8 minutes · grep, echo, cat
95 Security administration Exposed services

Compare listeners, firewall rules, and nginx config.

Admin 8 minutes · ss, ufw, grep
96 Security administration Web hardening

Inspect training nginx API blocking and CSP headers.

Admin 8 minutes · grep, nginx
97 Security administration Script trust review

Hash and compare a training deployment script before trusting it.

Admin 8 minutes · sha256sum, cat, stat
98 Security administration Log retention review

Review log size and line counts before cleanup decisions.

Admin 7 minutes · du, find, wc
99 Security administration Account hygiene

Review training accounts and root presence safely.

Admin 7 minutes · cat, grep, id
100 Security administration Final incident review

Pull together logs, firewall state, and a final review note.

Admin Checkpoint 10 minutes · journalctl, grep, ufw, echo
101 Terminal basics Printf formatting

Use printf for predictable terminal output.

Core 8 minutes · printf, wc
102 Terminal basics Path components

Split paths into filenames and directories.

Core 8 minutes · basename, dirname, pwd
103 Terminal basics Link targets

Create and inspect a symbolic link target.

Core 8 minutes · ln, readlink, stat
104 Terminal basics Existence checks

Use test to reason about files and directories.

Core 8 minutes · test, stat, cat
105 Terminal basics Command composition review

Combine printing, tee, and reading a local note.

Core Checkpoint 8 minutes · printf, tee, cat
106 Terminal basics Terminal checkpoint

Review location, identity, and command memory.

Capstone Checkpoint 8 minutes · pwd, hostname, uname, history
107 Files and paths Delimited file fields

Use cut to extract fields from account records.

Core 8 minutes · cut, cat
108 Files and paths Structured file fields

Compare awk and cut views of structured text.

Core 8 minutes · awk, cut
109 Files and paths Bulk name review

Use xargs and basename to review path lists.

Advanced 8 minutes · printf, xargs, basename
110 Files and paths Path reporting

Build a small report from path helper commands.

Advanced 8 minutes · dirname, basename, tee
111 Files and paths Filesystem checkpoint

Verify archive, checksum, and search habits.

Capstone Checkpoint 8 minutes · tar, sha256sum, find
112 Text and logs Sed substitution

Preview text replacement without editing a log.

Core 8 minutes · sed, grep
113 Text and logs Awk column extraction

Use awk to pull simple columns from logs.

Core 8 minutes · awk, journalctl
114 Text and logs Cut field selection

Extract colon-delimited identity fields.

Core 8 minutes · cut, cat
115 Text and logs Text case transforms

Transform piped text with tr.

Core 8 minutes · printf, tr
116 Text and logs Capture with tee

Capture pipeline output to a lab note.

Advanced 8 minutes · grep, tee, cat
117 Text and logs Xargs bridge

Turn text into safe command arguments.

Advanced 8 minutes · printf, xargs, basename
118 Text and logs Text pipeline checkpoint

Combine search, field extraction, transform, and counting.

Capstone Checkpoint 8 minutes · grep, awk, tr, wc
119 Nano and editing Nano script stub

Open a script draft and review its executable metadata.

Admin 8 minutes · nano, chmod, stat
120 Nano and editing Nano cron note

Write a note after inspecting scheduled tasks.

Admin 8 minutes · crontab, nano, cat
121 Nano and editing Nano network note

Pair socket inspection with an operator note.

Admin 8 minutes · ss, nano, cat
122 Nano and editing Nano package note

Inspect package metadata and record a review.

Admin 8 minutes · apt, nano, cat
123 Nano and editing Editing checkpoint runbook

Create a final mini-runbook and verify it.

Capstone Checkpoint 8 minutes · nano, grep, cat
124 Permissions and users Test file types

Check file and directory types before changing modes.

Admin 8 minutes · test, stat
125 Permissions and users Sticky bit review

Inspect shared temporary directory metadata.

Admin Checkpoint 8 minutes · stat, ls
126 Permissions and users Script private mode

Set strict metadata on a script draft.

Admin 8 minutes · touch, chmod, stat
127 Permissions and users Ownership audit

Compare service account ownership across web files.

Advanced 8 minutes · stat, chown, chgrp
128 Permissions and users Link permission review

Review link metadata and target permissions together.

Advanced 8 minutes · ln, readlink, stat
129 Permissions and users Permissions checkpoint

Review modes, groups, ownership, and sensitive paths.

Capstone Checkpoint 8 minutes · stat, chmod, chgrp, test
130 Server operations Top process view

Read a simulated top snapshot before deeper process checks.

Admin 8 minutes · top, ps
131 Server operations Signal simulation

Practice signal language without stopping anything.

Admin 8 minutes · pgrep, kill, ps
132 Server operations Open files and listeners

Use lsof to relate sockets to services.

Admin 8 minutes · lsof, ss
133 Server operations Mount and block devices

Inspect simulated mounts and block devices.

Admin 8 minutes · mount, lsblk, df
134 Server operations Operations checkpoint

Pull process, service, storage, and log signals together.

Capstone Checkpoint 8 minutes · top, systemctl, journalctl, df
135 Security administration SSH dry run

Inspect SSH client configuration without connecting.

Admin 8 minutes · ssh
136 Security administration SSH key fingerprint

Read a simulated key fingerprint.

Admin 8 minutes · ssh-keygen, stat
137 Security administration SCP dry run

Understand copy shape without network transfer.

Admin 8 minutes · scp, cat
138 Security administration Package security review

Inspect package metadata during a security review.

Advanced 8 minutes · apt, dpkg, grep
139 Security administration Auth config checkpoint

Review SSH, identity, firewall, and notes.

Capstone Checkpoint 8 minutes · ssh, ssh-keygen, ufw, echo
140 Security administration Hardening summary

Summarize posture from logs, config, and service exposure.

Capstone Checkpoint 8 minutes · grep, ss, tee
141 Shell scripting Script shebang review

Read a script header and metadata before execution.

Advanced 8 minutes · head, stat
142 Shell scripting Script-style output

Use printf to create predictable script output.

Advanced 8 minutes · printf, tee
143 Shell scripting Test guards

Use test commands as script-style guards.

Advanced 8 minutes · test, echo
144 Shell scripting Basename in scripts

Use basename to report script inputs.

Advanced 8 minutes · basename, printf
145 Shell scripting Dirname in scripts

Use dirname to reason about script paths.

Advanced 8 minutes · dirname, pwd
146 Shell scripting Sed config preview

Preview config text replacement as a script step.

Advanced 8 minutes · sed, grep
147 Shell scripting Awk reports

Build a small report from fields.

Advanced 8 minutes · awk, tee
148 Shell scripting Cut in scripts

Extract account fields for script-style checks.

Advanced 8 minutes · cut, tee
149 Shell scripting Normalize text

Normalize labels before comparing output.

Advanced 8 minutes · tr, printf
150 Shell scripting Tee script logs

Capture command output as a script log.

Advanced Checkpoint 8 minutes · tee, cat
151 Shell scripting Xargs review

Use xargs for safe argument shaping.

Advanced 8 minutes · xargs, printf
152 Shell scripting Script execution mode

Set executable bits only after review.

Advanced 8 minutes · cat, chmod, stat
153 Shell scripting Script diff review

Compare config snapshots as a script review habit.

Advanced 8 minutes · diff, grep
154 Shell scripting Script checksum review

Hash scripts and compare notes before trusting them.

Advanced 8 minutes · sha256sum, cat
155 Shell scripting Shell scripting checkpoint

Complete a mini script-review workflow.

Capstone Checkpoint 8 minutes · test, printf, tee, chmod
156 Networking IP address review

Inspect interface addresses and routes.

Advanced 8 minutes · ip
157 Networking Socket listening review

Read listener state with ss.

Advanced 8 minutes · ss, grep
158 Networking Lsof network review

Use lsof to map listeners to services.

Advanced 8 minutes · lsof, pgrep
159 Networking SSH config dry run

Resolve SSH client config without connecting.

Advanced 8 minutes · ssh
160 Networking SSH version

Read client version and server settings.

Advanced 8 minutes · ssh, grep
161 Networking SCP plan

Preview secure-copy command shape without transfer.

Advanced 8 minutes · scp, cat
162 Networking DNS file review

Inspect resolver configuration as text.

Advanced 8 minutes · cat, grep
163 Networking Hosts file review

Inspect local host mappings.

Advanced 8 minutes · cat, grep
164 Networking Firewall service match

Compare firewall rules with service listeners.

Advanced 8 minutes · ufw, ss
165 Networking Port inventory text

Normalize and count port inventory text.

Advanced 8 minutes · sort, uniq, wc
166 Networking Network log grep

Search logs for link and access clues.

Advanced 8 minutes · grep, tail
167 Networking Interface baseline

Record a basic network baseline.

Advanced 8 minutes · ip, tee
168 Networking Listener baseline

Capture and inspect listener baseline output.

Advanced 8 minutes · ss, tee, cat
169 Networking SSH key context

Connect key fingerprints to SSH client config.

Advanced 8 minutes · ssh-keygen, ssh
170 Networking Networking checkpoint

Tie addresses, listeners, firewall, and SSH config together.

Capstone Checkpoint 8 minutes · ip, ss, ufw, ssh
171 Package/process ops APT installed packages

List simulated installed Linux packages.

Advanced 8 minutes · apt
172 Package/process ops APT package details

Inspect simulated package policy and metadata.

Advanced 8 minutes · apt
173 Package/process ops DPKG package list

Use dpkg to review installed package records.

Advanced 8 minutes · dpkg
174 Package/process ops DPKG files

List simulated files owned by a package.

Advanced 8 minutes · dpkg
175 Package/process ops DPKG status review

Connect package status to logs.

Advanced Checkpoint 8 minutes · dpkg, grep
176 Package/process ops Brew list

Practice macOS-style package inspection.

Advanced 8 minutes · brew
177 Package/process ops Brew info review

Compare brew info with Linux package logs.

Advanced 8 minutes · brew, grep
178 Package/process ops Pgrep process lookup

Find simulated process IDs by name.

Advanced 8 minutes · pgrep, ps
179 Package/process ops Top review

Use top and ps for process snapshots.

Advanced 8 minutes · top, ps
180 Package/process ops Package and process checkpoint

Review packages, process state, and recent package logs.

Capstone Checkpoint 8 minutes · apt, dpkg, top, grep
181 Troubleshooting Triage baseline

Start troubleshooting with system, service, and capacity facts.

Advanced 8 minutes · uptime, df, systemctl
182 Troubleshooting Failed service drill

Inspect an inactive service without restarting it.

Advanced 8 minutes · systemctl, journalctl
183 Troubleshooting Log correlation

Search multiple logs for related clues.

Advanced 8 minutes · grep, journalctl
184 Troubleshooting Config diff triage

Compare configs before guessing at a routing issue.

Advanced 8 minutes · diff, grep
185 Troubleshooting Disk pressure review

Use disk and log size commands in triage.

Advanced 8 minutes · df, du, find
186 Troubleshooting Permission denied triage

Inspect identity and file metadata before changing modes.

Advanced 8 minutes · whoami, groups, stat
187 Troubleshooting Network listener triage

Compare sockets, firewall, and config.

Advanced 8 minutes · ss, ufw, grep
188 Troubleshooting Package change triage

Use package logs to explain recent changes.

Advanced 8 minutes · grep, apt, dpkg
189 Troubleshooting Rollback note

Write a rollback note from evidence.

Advanced 8 minutes · printf, tee, cat
190 Troubleshooting Troubleshooting checkpoint

Complete a focused triage loop.

Capstone Checkpoint 8 minutes · uptime, systemctl, journalctl, tee
191 Capstone labs Capstone orientation

Start the final operator lab by mapping host, identity, and filesystem.

Capstone Checkpoint 8 minutes · pwd, hostname, id, ls
192 Capstone labs Capstone log sweep

Sweep auth, nginx, and package logs for evidence.

Capstone Checkpoint 8 minutes · grep, tail
193 Capstone labs Capstone service map

Map service status, units, and listeners.

Capstone Checkpoint 8 minutes · systemctl, ss, lsof
194 Capstone labs Capstone web config

Review and validate web server config.

Capstone Checkpoint 8 minutes · cat, grep, nginx
195 Capstone labs Capstone permission audit

Audit SSH, web, and private note permissions.

Capstone Checkpoint 8 minutes · stat, test
196 Capstone labs Capstone network audit

Review address, route, firewall, and SSH client config.

Capstone Checkpoint 8 minutes · ip, ufw, ssh
197 Capstone labs Capstone package audit

Review package state and process state together.

Capstone Checkpoint 8 minutes · apt, dpkg, top
198 Capstone labs Capstone incident runbook

Write an incident runbook from gathered evidence.

Capstone Checkpoint 8 minutes · nano, grep, cat
199 Capstone labs Capstone hardening review

Tie hardening settings to exposure and identity.

Capstone Checkpoint 8 minutes · grep, ss, whoami
200 Capstone labs Final operator check

Complete the UNIX operator final review.

Capstone Checkpoint 8 minutes · printf, tee, sha256sum, history
201 Terminal basics Manual depth review

Use manual pages and command paths before running unfamiliar tools.

Core 8 minutes · man, which
202 Terminal basics Option reading habits

Compare option-heavy commands without changing state.

Core 8 minutes · ls, ssh, scp
203 Terminal basics Terminal recovery

Recover orientation after clearing output or getting lost.

Core 8 minutes · clear, pwd, help
204 Terminal basics Quoted path habits

Use quotes when filenames contain spaces.

Core 8 minutes · touch, ls, stat
205 Files and paths Backup manifest review

Read a backup manifest before touching archive files.

Admin 8 minutes · cat, grep, stat
206 Files and paths Backup archive create

Create and list a small training backup archive.

Admin 8 minutes · tar, sha256sum
207 Files and paths Restore drill

Restore into a review folder before touching live paths.

Admin 8 minutes · cp, diff, stat
208 Files and paths Archive verification

List archive contents and compare checksums before trusting a backup.

Admin 8 minutes · tar, sha256sum, cat
209 Files and paths Checksum compare

Hash source and restored files to confirm they match.

Admin 8 minutes · sha256sum, cp
210 Files and paths Symlink inventory

Create, read, and inspect links before relying on them.

Admin 8 minutes · ln, readlink, stat
211 Files and paths Glob safety preview

List and find targets before deleting broad patterns.

Admin 8 minutes · find, ls, rm
212 Files and paths Temp cleanup review

Inspect temporary paths before cleanup decisions.

Admin 8 minutes · ls, stat, test
213 Text and logs Logrotate config review

Read log rotation settings as text.

Admin 8 minutes · cat, grep, sed
214 Text and logs Logrotate dry run

Dry-run log rotation without moving files.

Admin 8 minutes · logrotate, find
215 Text and logs Journal time window

Narrow journal output before reading a whole service history.

Admin 8 minutes · journalctl, grep
216 Text and logs Evidence bundle

Capture a focused evidence bundle into lab notes.

Admin 8 minutes · grep, tee, cat
217 Text and logs Sed window preview

Preview a small text window before searching a large file.

Admin 8 minutes · sed, grep
218 Text and logs Awk service summary

Extract service names from a baseline report.

Admin 8 minutes · awk, cut
219 Text and logs Access log triage

Search access logs for status and route signals.

Admin 8 minutes · grep, tail, wc
220 Text and logs Retention evidence review

Compare active and rotated logs before retention decisions.

Advanced 8 minutes · du, find, wc
221 Nano and editing Nano config copy

Copy config into lab before editing notes.

Admin 8 minutes · cp, nano, diff
222 Nano and editing Nano rollback note

Write rollback notes after reading evidence.

Admin 8 minutes · cat, nano, stat
223 Nano and editing Nano nginx review

Pair nginx validation with an operator note.

Admin 8 minutes · nginx, nano, cat
224 Nano and editing Nano incident template

Use an incident template to structure review notes.

Admin 8 minutes · cp, nano, grep
225 Nano and editing Nano service note

Record service findings after inspecting unit state.

Admin Checkpoint 8 minutes · systemctl, nano, journalctl
226 Permissions and users SSH directory audit

Review SSH directory and file modes together.

Admin 8 minutes · stat, ls
227 Permissions and users Known hosts review

Inspect known_hosts as sensitive SSH context.

Admin 8 minutes · cat, stat, grep
228 Permissions and users Service user ownership

Compare service users with files they serve.

Admin 8 minutes · cat, stat, grep
229 Permissions and users Shared directory risk

Inspect shared directories before trusting their contents.

Admin 8 minutes · stat, ls, test
230 Permissions and users Sudoers readonly review

Read a limited sudo rule without changing privileges.

Admin 8 minutes · cat, grep, stat
231 Permissions and users Web root mode review

Set and verify public web file permissions.

Admin 8 minutes · stat, chmod, test
232 Permissions and users Group write risk

Spot group ownership before changing modes.

Advanced 8 minutes · chgrp, chmod, stat
233 Permissions and users Least privilege audit

Review identity, service ownership, and sensitive modes.

Advanced 8 minutes · id, stat, grep
234 Server operations Systemctl cat review

Read service unit files before making assumptions.

Admin 8 minutes · systemctl, grep
235 Server operations Unit dependency reading

Read service definitions and list units together.

Admin 8 minutes · systemctl, cat
236 Server operations Journal narrowing

Use recent journal windows before scanning full logs.

Admin 8 minutes · journalctl
237 Server operations Cron service review

Connect cron service status, schedule, and logs.

Admin 8 minutes · systemctl, crontab, grep
238 Server operations Mount storage review

Compare mounted filesystems and block-device inventory.

Admin 8 minutes · mount, lsblk, df
239 Server operations Nginx validate loop

Validate config, read config, and compare a changed copy.

Admin 8 minutes · nginx, cat, diff
240 Server operations Resource baseline advanced

Build a resource baseline from uptime, memory, and disk.

Admin 8 minutes · uptime, free, df
241 Server operations Open file triage

Map open sockets and processes to services.

Admin 8 minutes · lsof, pgrep, systemctl
242 Server operations Backup service note

Inspect an inactive backup service and write a review marker.

Admin 8 minutes · systemctl, journalctl, printf
243 Server operations Service failure notes

Read failed service evidence without restarting anything.

Advanced 8 minutes · systemctl, journalctl, tee
244 Server operations Mac service orientation

Compare launchd-style inspection with systemd habits.

Advanced 8 minutes · launchctl, plutil
245 Security administration SSH hardening deep review

Review SSH config, key mode, and host identity.

Advanced 8 minutes · grep, stat, ssh-keygen
246 Security administration Firewall listener reconcile

Match exposed ports to firewall policy.

Advanced 8 minutes · ss, ufw, grep
247 Security administration Known host key context

Review SSH host identity without connecting.

Advanced 8 minutes · cat, grep, ssh
248 Security administration Sudo boundary review

Confirm sudo is limited to safe inspection.

Advanced 8 minutes · sudo, cat, grep
249 Security administration Account inventory review

Inventory users, groups, and service accounts.

Advanced 8 minutes · cut, grep, id
250 Security administration Package security deep review

Connect package state to recent package logs.

Advanced Checkpoint 8 minutes · apt, dpkg, grep
251 Security administration Log redaction note

Capture evidence without copying more than needed.

Advanced 8 minutes · grep, tee, wc
252 Security administration Hardening header review

Inspect web security header config and static API blocking.

Advanced 8 minutes · grep, nginx
253 Security administration Service exposure note

Write a short exposure review from listener evidence.

Advanced 8 minutes · ss, ufw, tee
254 Security administration Security evidence checkpoint

Tie identity, SSH, firewall, and logs into a review.

Capstone Checkpoint 8 minutes · whoami, grep, ufw, journalctl
255 Shell scripting Shebang reading

Inspect script interpreter declarations before execution.

Admin 8 minutes · head, grep, stat
256 Shell scripting Set eu review

Recognize strict-mode style script guards.

Admin 8 minutes · grep, cat, sha256sum
257 Shell scripting Script guard checks

Check required files before script-style work.

Admin 8 minutes · test, stat, printf
258 Shell scripting Script log capture

Capture script-style output into a log file.

Admin 8 minutes · printf, tee, cat
259 Shell scripting Path helper script review

Use basename and dirname as script building blocks.

Admin 8 minutes · basename, dirname, printf
260 Shell scripting Config diff script

Review config drift with diff and grep.

Admin 8 minutes · diff, grep, tee
261 Shell scripting Argument shape review

Use xargs only for safe argument shaping.

Advanced 8 minutes · printf, xargs, history
262 Shell scripting Executable bit review

Set executable mode only after reading a script.

Advanced 8 minutes · cat, chmod, stat
263 Shell scripting Checksum before run

Hash scripts and read notes before trusting them.

Advanced 8 minutes · sha256sum, cat, grep
264 Shell scripting Shell expanded checkpoint

Complete a script review from guards to logs.

Capstone Checkpoint 8 minutes · test, grep, tee, stat
265 Networking Route reading

Read IP address and route information together.

Admin 8 minutes · ip, hostname
266 Networking DNS hosts comparison

Compare resolver and hosts file context.

Admin 8 minutes · cat, grep, stat
267 Networking Listener ownership

Map listeners to processes and service state.

Admin 8 minutes · ss, lsof, systemctl
268 Networking Firewall port inventory

Compare firewall rules to a port inventory file.

Admin 8 minutes · ufw, cat, sort
269 Networking SSH dry-run review

Resolve SSH config and key context without connecting.

Admin 8 minutes · ssh, cat, stat
270 Networking SCP transfer plan

Plan a copy command without opening a network connection.

Admin 8 minutes · scp, cat, sha256sum
271 Networking Interface evidence capture

Capture interface and route evidence into lab notes.

Admin 8 minutes · ip, tee, cat
272 Networking Network incident logs

Search kernel and access logs for network clues.

Advanced 8 minutes · grep, tail
273 Package/process ops APT DPKG Brew compare

Compare Linux and macOS package inspection tools.

Admin 8 minutes · apt, dpkg, brew
274 Package/process ops Package file ownership

Map package names to owned files.

Admin 8 minutes · dpkg, cat, grep
275 Package/process ops Package status log correlation

Connect package status output to package logs.

Admin Checkpoint 8 minutes · dpkg, grep, apt
276 Package/process ops Process lookup drill

Find process IDs and compare snapshots.

Admin 8 minutes · pgrep, ps, top
277 Package/process ops Signal choice review

Record signal intent without stopping anything.

Admin 8 minutes · pgrep, kill, journalctl
278 Package/process ops Top ps snapshot

Compare top and ps output before acting.

Admin 8 minutes · top, ps, uptime
279 Package/process ops Package change evidence

Find package changes and capture an evidence note.

Advanced 8 minutes · grep, tee, dpkg
280 Package/process ops Package process expanded checkpoint

Tie package inventory, process state, and logs together.

Capstone Checkpoint 8 minutes · apt, dpkg, top, grep
281 Troubleshooting Incident website down

Triage a simulated website outage from service, config, and logs.

Advanced 8 minutes · systemctl, nginx, tail
282 Troubleshooting Incident disk filling

Use disk and log evidence for storage triage.

Advanced 8 minutes · df, du, find
283 Troubleshooting Incident bad deploy

Compare configs and hash scripts during deploy triage.

Advanced 8 minutes · diff, sha256sum, nginx
284 Troubleshooting Incident unknown listener

Map a listener to process and firewall evidence.

Advanced 8 minutes · ss, lsof, ufw
285 Troubleshooting Incident permission denied

Inspect identity and modes before changing permissions.

Advanced 8 minutes · whoami, groups, stat
286 Troubleshooting Incident suspicious login

Search auth evidence and SSH policy together.

Advanced 8 minutes · grep, journalctl
287 Troubleshooting Incident package regression

Review package upgrade evidence during triage.

Advanced 8 minutes · grep, apt, dpkg
288 Troubleshooting Incident cron failure

Connect cron schedule, service, and logs.

Advanced 8 minutes · crontab, systemctl, grep
289 Troubleshooting Incident backup inactive

Triage inactive backup state and manifest context.

Advanced 8 minutes · systemctl, journalctl, cat
290 Troubleshooting Incident nginx config mismatch

Compare active config and expected config examples.

Advanced 8 minutes · cat, diff, grep
291 Troubleshooting Incident resource spike

Build a resource snapshot before blaming a process.

Advanced 8 minutes · uptime, top, free
292 Troubleshooting Incident rollback evidence

Capture rollback evidence before writing a note.

Advanced 8 minutes · grep, tee, sha256sum
293 Troubleshooting Incident evidence bundle

Collect service, log, and network evidence in one drill.

Advanced 8 minutes · systemctl, grep, ss, tee
294 Troubleshooting Final triage loop

Complete a full triage loop with evidence and a final marker.

Capstone Checkpoint 8 minutes · uptime, systemctl, journalctl, tee
295 Capstone labs Capstone website outage

Investigate a website outage using service, config, logs, and listeners.

Capstone Checkpoint 8 minutes · systemctl, nginx, tail, ss
296 Capstone labs Capstone disk pressure

Investigate disk pressure and log retention evidence.

Capstone Checkpoint 8 minutes · df, du, logrotate, find
297 Capstone labs Capstone suspicious login

Review auth evidence, SSH policy, firewall state, and notes.

Capstone Checkpoint 8 minutes · grep, journalctl, ufw, tee
298 Capstone labs Capstone bad deploy

Review deployment script, config diff, nginx validation, and rollback notes.

Capstone Checkpoint 8 minutes · sha256sum, diff, nginx, tee
299 Capstone labs Capstone unknown listener

Reconcile listeners, process owners, firewall, and service state.

Capstone Checkpoint 8 minutes · ss, lsof, ufw, systemctl
300 Capstone labs Capstone backup restore review

Review backup manifest, archive, restored file, and checksum evidence.

Capstone Checkpoint 8 minutes · cat, tar, diff, sha256sum
301 Terminal basics Command anatomy review

Separate a command name, its options, and its target before pressing Enter.

Beginner 8 minutes · man, which, ls
302 Terminal basics Option reading drill

Use help output before applying search options to a log.

Beginner 8 minutes · man, grep, history
303 Terminal basics Quoted paths with spaces

Use quotes so a path containing spaces remains one argument.

Core 8 minutes · mkdir, touch, ls
304 Terminal basics Escaped spaces

Use a backslash to keep an escaped space inside one path argument.

Core 8 minutes · touch, file, realpath
305 Terminal basics Builtins and executable paths

Compare shell builtins with commands found on PATH.

Core 8 minutes · type, which
306 Terminal basics Output capture contract

Print a predictable marker, capture it, and read it back.

Core 8 minutes · printf, tee, cat
307 Terminal basics Absolute and relative path report

Resolve relative names into full canonical paths.

Core 8 minutes · pwd, realpath
308 Terminal basics Help before change

Build the habit of reading command guidance and current metadata first.

Core 8 minutes · help, man, stat
309 Terminal basics Terminal recovery sequence

Reorient, review recent work, and clear the display without losing state.

Core 8 minutes · pwd, history, clear
310 Terminal basics Terminal foundations bridge

Checkpoint command lookup, path resolution, output capture, and history.

Capstone Checkpoint 8 minutes · type, realpath, tee, history
311 Files and paths File type inspection

Identify files, directories, links, and text before acting on them.

Core 8 minutes · file, stat
312 Files and paths Canonical path review

Turn relative and linked paths into stable absolute locations.

Core 8 minutes · realpath, pwd
313 Files and paths Temporary workspaces

Create bounded temporary files and directories for disposable work.

Core 8 minutes · mktemp, ls
314 Files and paths Sorted inventory comparison

Compare two sorted account inventories without modifying either file.

Core 8 minutes · comm, cat
315 Files and paths Restore copy verification

Copy a restore candidate and compare it with its source.

Admin 8 minutes · cp, diff, sha256sum
316 Files and paths Symlink chain audit

Create a link, inspect its stored target, and resolve the final path.

Admin 8 minutes · ln, readlink, realpath
317 Files and paths Archive manifest workflow

Create an archive, list its members, and hash the artifact.

Admin 8 minutes · tar, sha256sum
318 Files and paths Files and paths bridge

Checkpoint file type, canonical path, inventory comparison, and integrity checks.

Capstone Checkpoint 8 minutes · file, realpath, comm, sha256sum
319 Text and logs Numbered log reading

Add stable line numbers to a short authentication-log view.

Core 8 minutes · nl, head
320 Text and logs Sorted account diff

Use comm to separate shared and unique account names.

Core 8 minutes · comm, nl
321 Text and logs Journal line numbering

Number a narrowed service journal so evidence is easy to reference.

Admin 8 minutes · journalctl, nl
322 Text and logs Three-stage evidence pipeline

Search, number, and limit log evidence in one bounded pipeline.

Admin 8 minutes · grep, nl, head
323 Text and logs Config substitution preview

Preview a port substitution and compare it with the unchanged source.

Admin 8 minutes · sed, grep, nl
324 Text and logs Rotated access comparison

Compare active and rotated access logs before summarizing traffic.

Admin 8 minutes · diff, tail, nl
325 Text and logs Incident template numbering

Number a runbook template so collaborators can reference exact fields.

Admin Checkpoint 8 minutes · nl, grep, wc
326 Text and logs Text evidence bridge

Checkpoint numbered logs, sorted comparisons, and bounded pipelines.

Capstone Checkpoint 8 minutes · grep, nl, comm, wc
327 Nano and editing Nano search workflow

Create a structured note and verify a marker after saving.

Core 8 minutes · nano, grep, cat
328 Nano and editing Nano config-copy edit

Edit a disposable config copy and compare it with the original.

Admin 8 minutes · cp, nano, diff
329 Nano and editing Nano recovery note

Write a rollback-oriented note and verify every required field.

Admin 8 minutes · nano, grep, stat
330 Nano and editing Nano editing bridge

Checkpoint search, save, verification, and recovery-note habits.

Capstone Checkpoint 8 minutes · nano, grep, wc
331 Permissions and users Directory traversal modes

Set and inspect a directory mode that supports controlled traversal.

Admin 8 minutes · mkdir, chmod, stat
332 Permissions and users Shared group directory

Prepare a group-owned workspace and inspect its collaboration mode.

Admin 8 minutes · mkdir, chgrp, chmod, stat
333 Permissions and users SSH mode matrix

Compare directory and key-file modes used by an SSH account.

Admin 8 minutes · stat, chmod
334 Permissions and users Service account ownership

Relate a web file owner to the identity used by its service.

Admin 8 minutes · stat, id, systemctl
335 Permissions and users Least privilege bridge

Checkpoint ownership, group assignment, and minimum useful modes.

Capstone Checkpoint 8 minutes · touch, chown, chmod, stat
336 Server operations Unit file reading

Read a service definition before interpreting its runtime state.

Admin 8 minutes · systemctl, grep
337 Server operations Service state triangulation

Compare status, active state, and journal evidence for one service.

Admin 8 minutes · systemctl, journalctl
338 Server operations Mount and capacity correlation

Connect mounted filesystems, block devices, and available space.

Admin 8 minutes · mount, lsblk, df
339 Server operations Scheduled service evidence

Relate a user schedule to cron service state and log entries.

Admin 8 minutes · crontab, systemctl, grep
340 Server operations Server operations bridge

Checkpoint unit, journal, process, and storage evidence.

Capstone Checkpoint 8 minutes · systemctl, journalctl, top, df
341 Security administration SSH client and server policy

Compare resolved client settings with server authentication policy.

Admin 8 minutes · ssh, grep
342 Security administration Known-hosts hygiene

Inspect stored host identities alongside a key fingerprint.

Admin 8 minutes · cat, ssh-keygen, stat
343 Security administration Exposed service inventory

Compare listeners, firewall policy, and enabled service units.

Advanced 8 minutes · ss, ufw, systemctl
344 Security administration Privileged boundary review

Read the simulated sudo boundary and verify the target service action is inspection-only.

Advanced 8 minutes · cat, sudo, systemctl
345 Security administration Security administration bridge

Checkpoint SSH policy, identity, listeners, and firewall evidence.

Capstone Checkpoint 8 minutes · ssh, grep, ss, ufw
346 Shell scripting Script input guard

Use test checks to prove required files and directories exist.

Admin 8 minutes · test, stat
347 Shell scripting Quoted argument review

Preserve a multi-word value while capturing predictable output.

Admin 8 minutes · printf, tee, cat
348 Shell scripting Predictable output contract

Create machine-readable status lines and verify their shape.

Admin 8 minutes · printf, tee, grep
349 Shell scripting Script path resolution

Resolve script paths and report their directory and basename.

Admin 8 minutes · realpath, basename, dirname
350 Shell scripting Script change review

Compare configuration snapshots and record a review marker.

Advanced Checkpoint 8 minutes · diff, grep, tee
351 Shell scripting Shell workflow bridge

Checkpoint guards, path handling, output contracts, and change review.

Capstone Checkpoint 8 minutes · test, realpath, tee, sha256sum
352 Networking Local name resolution

Compare hostname, hosts-file, and resolver configuration evidence.

Admin 8 minutes · hostname, cat, grep
353 Networking Route listener firewall correlation

Read the route, active listeners, and firewall policy as one network baseline.

Advanced 8 minutes · ip, ss, ufw
354 Networking Networking bridge

Checkpoint name resolution, routes, listeners, and SSH client context.

Capstone Checkpoint 8 minutes · cat, ip, ss, ssh
355 Package/process ops Package origin review

Compare installed package metadata with package-owned files and change logs.

Admin 8 minutes · apt, dpkg, grep
356 Package/process ops Process signal evidence

Identify a process, inspect the snapshot, and record a simulated signal.

Admin 8 minutes · pgrep, ps, kill
357 Troubleshooting DNS and service triage

Separate local name-resolution evidence from web-service health.

Advanced 8 minutes · cat, grep, systemctl, ss
358 Troubleshooting Permission regression triage

Establish identity and metadata before applying a narrow repair.

Advanced 8 minutes · whoami, touch, chmod, stat
359 Capstone labs Capstone multi-signal outage

Correlate service, config, journal, listener, and capacity evidence for an outage.

Capstone Checkpoint 8 minutes · systemctl, nginx, journalctl, ss, df
360 Capstone labs Capstone verified restore

Stage, compare, archive, and hash a restored web artifact.

Capstone Checkpoint 8 minutes · cp, file, diff, tar, sha256sum