Everything you need to build your home lab and complete the 10 hands-on exercises.
Your lab machine needs to support hardware virtualization (VT-x / AMD-V).
Download these tools and images before starting the labs.
10 hands-on exercises corresponding to key chapters and mirroring the 29 live labs in CompTIA's A+ Cyber course.
Create, configure, and harden user accounts following the principle of least privilege. Create standard and admin users, set password policies (minimum length, max age, lockout threshold), and verify settings using PowerShell and net commands.
Configure file permissions and sudo access to enforce least privilege. Set restrictive permissions on sensitive files, create limited user accounts, and configure granular sudo access using visudo.
Parse authentication logs to identify and block brute-force SSH attempts. Analyze auth.log for failed passwords, identify offending IPs using awk/sort/uniq, and block attackers with ufw firewall rules.
Discover hosts and services on your local network using Nmap. Perform ping sweeps, port scans, service version detection, OS fingerprinting, and save scan results for analysis.
Configure iptables/ufw rules to implement a basic security policy. Set default deny incoming, allow specific services (SSH, HTTPS), enable the firewall, and test by attempting blocked connections.
Install and configure Snort in IDS mode to detect suspicious network activity. Write custom detection rules, run Snort in test and console mode, and trigger alerts with ICMP traffic.
Run a vulnerability scan and interpret the results using Greenbone Community Edition (OpenVAS). Create scan targets, execute full scans, and review Critical/High/Medium/Low findings with remediation priorities.
Write a Bash script that performs a basic security audit of a Linux system: enumerate users with login shells, list sudoers, check listening ports, count failed logins, and find world-writable files.
Encrypt and decrypt files using both symmetric (AES-256) and asymmetric GPG encryption. Generate key pairs, verify keys, perform asymmetric encryption/decryption, and export public keys.
Practice all four NIST IR phases using a simulated compromised system. Create an IR checklist, detect unexpected services and suspicious processes, contain the threat with firewall rules, eradicate malicious artifacts, restore operations, and write a post-incident report.
Before starting each lab, take a VM snapshot. If something breaks, you can instantly revert without re-installing.
For labs involving scanning (Nmap, Metasploitable), use host-only networking to keep traffic isolated from your real network.
Keep a lab journal. Write down commands, outputs, and observations. This builds habits for real incident response work.