Unix ops lab

Security administration

Identity, sudo boundaries, SSH hardening, firewall rules, and review notes.

Track progress 0/360 lessons 0/17 missions 12 courses
0%
Continue View profile
01 Security administration Security admin

Practice security habits: identity, logs, firewall rules, and simulated sudo.

Core 12 minutes · whoami, id, groups, ufw, sudo, grep
02 Security administration SSH hardening

Read training SSH settings and confirm safer defaults without connecting anywhere.

Core 9 minutes · grep, cat, journalctl
03 Security administration Firewall and incident review

Inspect firewall state, add a simulated rule, and write a short incident note.

Core Checkpoint 10 minutes · ufw, grep, echo, cat
04 Security administration Auth log review

Search training SSH activity for accepted and denied attempts.

Admin 8 minutes · journalctl, grep
05 Security administration Firewall baseline

Inspect and update simulated firewall rules with caution.

Admin 8 minutes · ufw
06 Security administration SSH config review

Verify key SSH hardening settings.

Admin 7 minutes · grep
07 Security administration Least privilege review

Inspect identity and simulated sudo boundaries.

Admin 7 minutes · whoami, groups, sudo
08 Security administration Incident note

Write a short lab incident note from log evidence.

Admin 8 minutes · grep, echo, cat
09 Security administration Exposed services

Compare listeners, firewall rules, and nginx config.

Admin 8 minutes · ss, ufw, grep
10 Security administration Web hardening

Inspect training nginx API blocking and CSP headers.

Admin 8 minutes · grep, nginx
11 Security administration Script trust review

Hash and compare a training deployment script before trusting it.

Admin 8 minutes · sha256sum, cat, stat
12 Security administration Log retention review

Review log size and line counts before cleanup decisions.

Admin 7 minutes · du, find, wc
13 Security administration Account hygiene

Review training accounts and root presence safely.

Admin 7 minutes · cat, grep, id
14 Security administration Final incident review

Pull together logs, firewall state, and a final review note.

Admin Checkpoint 10 minutes · journalctl, grep, ufw, echo
15 Security administration SSH dry run

Inspect SSH client configuration without connecting.

Admin 8 minutes · ssh
16 Security administration SSH key fingerprint

Read a simulated key fingerprint.

Admin 8 minutes · ssh-keygen, stat
17 Security administration SCP dry run

Understand copy shape without network transfer.

Admin 8 minutes · scp, cat
18 Security administration Package security review

Inspect package metadata during a security review.

Advanced 8 minutes · apt, dpkg, grep
19 Security administration Auth config checkpoint

Review SSH, identity, firewall, and notes.

Capstone Checkpoint 8 minutes · ssh, ssh-keygen, ufw, echo
20 Security administration Hardening summary

Summarize posture from logs, config, and service exposure.

Capstone Checkpoint 8 minutes · grep, ss, tee
21 Security administration SSH hardening deep review

Review SSH config, key mode, and host identity.

Advanced 8 minutes · grep, stat, ssh-keygen
22 Security administration Firewall listener reconcile

Match exposed ports to firewall policy.

Advanced 8 minutes · ss, ufw, grep
23 Security administration Known host key context

Review SSH host identity without connecting.

Advanced 8 minutes · cat, grep, ssh
24 Security administration Sudo boundary review

Confirm sudo is limited to safe inspection.

Advanced 8 minutes · sudo, cat, grep
25 Security administration Account inventory review

Inventory users, groups, and service accounts.

Advanced 8 minutes · cut, grep, id
26 Security administration Package security deep review

Connect package state to recent package logs.

Advanced Checkpoint 8 minutes · apt, dpkg, grep
27 Security administration Log redaction note

Capture evidence without copying more than needed.

Advanced 8 minutes · grep, tee, wc
28 Security administration Hardening header review

Inspect web security header config and static API blocking.

Advanced 8 minutes · grep, nginx
29 Security administration Service exposure note

Write a short exposure review from listener evidence.

Advanced 8 minutes · ss, ufw, tee
30 Security administration Security evidence checkpoint

Tie identity, SSH, firewall, and logs into a review.

Capstone Checkpoint 8 minutes · whoami, grep, ufw, journalctl
31 Security administration SSH client and server policy

Compare resolved client settings with server authentication policy.

Admin 8 minutes · ssh, grep
32 Security administration Known-hosts hygiene

Inspect stored host identities alongside a key fingerprint.

Admin 8 minutes · cat, ssh-keygen, stat
33 Security administration Exposed service inventory

Compare listeners, firewall policy, and enabled service units.

Advanced 8 minutes · ss, ufw, systemctl
34 Security administration Privileged boundary review

Read the simulated sudo boundary and verify the target service action is inspection-only.

Advanced 8 minutes · cat, sudo, systemctl
35 Security administration Security administration bridge

Checkpoint SSH policy, identity, listeners, and firewall evidence.

Capstone Checkpoint 8 minutes · ssh, grep, ss, ufw
Command coverage

Commands you will practice here.

echo <text>

Print text or write lab notes with >.

cat <file>

Print text file contents.

grep [-i] <text> <file>

Find literal text inside a file.

cut -d <char> -f <n>

Extract delimited fields from text.

tee <file>

Write piped text to a lab file and keep it on screen.

wc [-l] <file>

Count lines, words, and characters.

sha256sum <file>

Print a deterministic training checksum.

find [path] [-name text]

Search lab filesystem paths.

stat <path>

Show lab file details.

whoami|id|groups

Inspect the learner account.

systemctl status <service>

Inspect simulated service status.

journalctl -u <service>

Read simulated service journal entries.

nginx -t

Validate training nginx configuration.

ss|ip

Inspect simulated sockets and addresses.

apt|dpkg|brew

Inspect simulated Linux and macOS package metadata.

ssh|scp|ssh-keygen

Practice SSH inspection and dry-run transfer shapes without network access.

ufw status

Inspect simulated firewall rules.