Mission 100

Final incident review

Pull together logs, firewall state, and a final review note.

Security administration
10 minutes Admin Lesson 100 of 360
journalctlgrepufwecho
Lesson 100 of 360 0/360 lessons 0/17 missions Security administration · 10 minutes
0%
Continue View profile
Ops lab terminal Training lab
New learnerrank 0XP 0%complete
learner@clairos:/home/learner $ Unix ops lab: type a command, press Enter
Instructions 10 minutes

Click any instruction for the command details, the why, and the common mistake to avoid.

Filter denied journal

Run journalctl -u ssh | grep denied.

journalctl -u ssh | grep denied
Check firewall

Run ufw status.

ufw status
Write final review

Run echo final-review > final-incident-review.txt.

echo final-review > final-incident-review.txt
Lesson support

What to notice while you play.

Objective

Complete a small end-to-end security review.

Hint

Filter SSH denied events, inspect firewall, then write a note.

Why it matters

Security administration is a repeatable evidence workflow.

Common mistakes
  • Skipping the final note.
  • Writing a note without checking current firewall state.
Reference

Commands in this lesson.

echo <text>

Print text or write lab notes with >.

grep [-i] <text> <file>

Find literal text inside a file.

journalctl -u <service>

Read simulated service journal entries.

ufw status

Inspect simulated firewall rules.