Unit 1 — Introduction to Security 2 labs
1.1 Understanding Social Engineering 1 lab
1.2 Suspicious Website Logins 1 lab
Unit 2 — Securing Spaces 2 labs
2.1 Securing Spaces — Foundations coming soon · 0 labs
2.2 Securing Spaces — Controls coming soon · 0 labs
2.3 Protecting Physical Spaces 2 labs
Unit 3 — Securing Networks 29 labs
3.1 Network Vulnerabilities and Attacks 6 labs
- Lab 7.2.6-CR — Scan an Asset for Cleartext-Transport Vulnerabilities3.1 Network Vulnerabilities and Attacks · Sec+ 2.2, 3.3, 4.3, 4.4
- Lab — Scan an FTP Server for Vulnerabilities | VANTAGE VM3.1 Network Vulnerabilities and Attacks · Sec+ 2.2, 4.3, 4.4, 4.9
- Lab — Scan and Remediate Windows Host Vulnerabilities (SY0-701 5.2.3)3.1 Network Vulnerabilities and Attacks · Sec+ 4.3, 5.2
- ScanForge Lab — Scan a Linux Network for Vulnerabilities3.1 Network Vulnerabilities and Attacks · Sec+ 4.3
- SentryScope Lab — Domain Controller Vulnerability Scan3.1 Network Vulnerabilities and Attacks · Sec+ 4.3
- TLS Vulnerability Scan — Security+ Lab3.1 Network Vulnerabilities and Attacks · Sec+ 4.3, 4.4
3.2 Protecting Networks: Managerial Controls and Wireless Security 10 labs
- Lab — Secure Management Access on a Network Firewall Appliance3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 1.2, 4.1, 4.6
- Harden a Wireless Network — Lab Simulation3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 2.2, 2.5, 4.1
- Lab — Harden a Factory-Default Access Switch3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 2.2, 2.5, 4.1, 4.6
- Lab: Switch Port Hardening3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 2.5, 3.2, 4.1
- Restrict Devices with a MAC-Based ACL3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 2.5, 3.2, 4.1
- Restrict VTY (Telnet/SSH) Access3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 2.5, 4.5
- Secure Switch Access (Hardening)3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 2.5, 4.1, 4.6
- Lab — Configure an IPSec VPN (iPadOS)3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 3.2
- Stand Up a Remote-Access VPN — Tidewater Edge Console3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 3.2
- Configure a WPA2-Personal Wireless Network3.2 Protecting Networks: Managerial Controls and Wireless Security · Sec+ 4.1
3.3 Protecting Networks: Segmentation 2 labs
- Lab — Stand Up a Guest BYOD Wireless Network3.3 Protecting Networks: Segmentation · Sec+ 2.5, 4.1
- Lab — Deploy a Screened Subnet (Sentinel Gateway OS)3.3 Protecting Networks: Segmentation · Sec+ 3.2, 4.5
3.4 Protecting Networks: Firewalls 4 labs
- Permit Traffic on a Standard ACL3.4 Protecting Networks: Firewalls · Sec+ 2.5, 4.5
- Standard ACL: Block Source Hosts3.4 Protecting Networks: Firewalls · Sec+ 2.5, 4.5
- AegisWall Console — Edge Appliance Setup Lab3.4 Protecting Networks: Firewalls · Sec+ 3.2
- Lab: Publish a DMZ Web Server Through the Perimeter Firewall3.4 Protecting Networks: Firewalls · Sec+ 3.2, 4.5
3.5 Detecting Network Attacks 7 labs
- WaveCore Controller — RF Hardening Lab3.5 Detecting Network Attacks · Sec+ 2.2, 2.4, 4.1
- Lab — Analyze a SYN Flood Attack3.5 Detecting Network Attacks · Sec+ 2.4
- Lab — Configure Wireless Intrusion Prevention (Halonet WC-7)3.5 Detecting Network Attacks · Sec+ 2.4, 4.1
- Lab — Detect ARP Poisoning with a Packet Capture3.5 Detecting Network Attacks · Sec+ 2.4, 4.9
- On-Path DNS Spoofing — Security+ Lab3.5 Detecting Network Attacks · Sec+ 2.4
- Edge IPS Lab — Configure Snort Inline Protection (pfSense)3.5 Detecting Network Attacks · Sec+ 3.2, 4.5
- Severity-Tiered Switch Logging — Security+ Lab3.5 Detecting Network Attacks · Sec+ 4.4, 4.9
Unit 4 — Securing Devices 39 labs
4.1 Securing Devices — Foundations coming soon · 0 labs
4.2 Authentication 22 labs
- Lab — Create a Security Group (Directory Console)4.2 Authentication · Sec+ 1.1, 4.6
- Provision Active Directory User Accounts — Security+ Lab4.2 Authentication · Sec+ 1.2, 2.5, 4.6
- Hashfall — Rainbow Table Hash Recovery4.2 Authentication · Sec+ 1.4, 2.4
- Password-Strength Audit Lab — Northwind Diagnostics4.2 Authentication · Sec+ 1.4, 2.4
- Lab — Configure Account Password & Lockout Policies4.2 Authentication · Sec+ 2.4, 4.5, 4.6
- Account Recovery Lab — Reset a Linux User Password4.2 Authentication · Sec+ 4.6, 2.5
- Lab — Harden Default & Local Accounts4.2 Authentication · Sec+ 2.5, 4.6
- Lab — Rotate Your Linux Account Password4.2 Authentication · Sec+ 4.6, 2.5
- Lab: Lock and Unlock Linux User Accounts — Tidewater Marine Analytics4.2 Authentication · Sec+ 2.5, 4.6
- Build an Active Directory OU Structure — Security+ Lab4.2 Authentication · Sec+ 4.5, 4.6
- Lab — Lock Down the Local Administrators Group (Group Policy)4.2 Authentication · Sec+ 4.5, 4.6
- Lab — Remove Redundant Organizational Units (AD)4.2 Authentication · Sec+ 4.5, 4.6
- Lab · Revoke Supplementary Group Access4.2 Authentication · Sec+ 4.6
- Lab — Deprovision a Departed Linux User4.2 Authentication · Sec+ 4.6
- Lab — Manage Domain User Accounts (LARK-DC01)4.2 Authentication · Sec+ 4.6
- Lab: Add Users to a Secondary Group (Linux) — Security+ SY0-7014.2 Authentication · Sec+ 4.6
- Lab: Enforce Smart Card Logon via Group Policy4.2 Authentication · Sec+ 4.6
- Lab: Reorganize Linux Groups — Provisioning & De-provisioning4.2 Authentication · Sec+ 4.6
- Offboarding: Remove a Departed Linux User — Security+ Lab4.2 Authentication · Sec+ 4.6
- Provisioning Desk — Create a Linux User Account4.2 Authentication · Sec+ 4.6
- Rename and Relocate a Linux User Account4.2 Authentication · Sec+ 4.6
- Shadow Groups Lab — Helmsman Directory Console4.2 Authentication · Sec+ 4.6
4.3 Protecting Devices 16 labs
- Lab — Create, Link, and Harden a GPO4.3 Protecting Devices · Sec+ 1.2, 4.1, 4.5
- Bench Lab — Stand Up Two Virtual Machines4.3 Protecting Devices · Sec+ 2.3, 3.1
- Configure Microsoft Defender4.3 Protecting Devices · Sec+ 2.5, 4.1
- Data Execution Prevention (DEP) Configuration4.3 Protecting Devices · Sec+ 2.5, 4.1
- Host Firewall Lab — Protect the Public Profile4.3 Protecting Devices · Sec+ 2.5, 4.5
- Lab — Application Allowlisting with AppLocker4.3 Protecting Devices · Sec+ 2.5, 4.1
- Lab — Harden User Account Control (UAC)4.3 Protecting Devices · Sec+ 2.5, 4.5
- Lab — Tuning the Update Cadence on a Workstation4.3 Protecting Devices · Sec+ 2.5, 4.1
- Lab: Clear Browsing Data — Aurora Browser (Security+ SY0-701)4.3 Protecting Devices · Sec+ 2.5, 3.2
- Virtual Switch Manager Lab — Northwind Cyber Range4.3 Protecting Devices · Sec+ 3.1
- Lab: Harden Mobile Mail & Browser on a Tablet4.3 Protecting Devices · Sec+ 4.1, 3.2
- Configure File History Backups4.3 Protecting Devices · Sec+ 3.4
- Recover Prior File Versions with File History4.3 Protecting Devices · Sec+ 3.4
- Sentinel Backup Console — DC System State Lab4.3 Protecting Devices · Sec+ 3.4
- Lab — Harden a Front-Desk Tablet (SY0-701 4.1)4.3 Protecting Devices · Sec+ 4.1
- Lab — Host Firewall for Untrusted Networks4.3 Protecting Devices · Sec+ 4.5
4.4 Detecting Attacks on Devices 1 lab
Unit 5 — Securing Applications and Data 9 labs
5.1 Application and Data Vulnerabilities and Attacks 1 lab
5.2 Protecting Applications and Data: Managerial Controls and Access Controls 2 labs
- Lab — Restrict a Folder with NTFS Permissions & Disable Inheritance5.2 Protecting Applications and Data: Managerial Controls and Access Controls · Sec+ 2.5, 4.6
- Lock Down Shared Folders with NTFS Permissions5.2 Protecting Applications and Data: Managerial Controls and Access Controls · Sec+ 2.5, 4.6
5.3 Protecting Stored Data with Cryptography 4 labs
- Lab · Verify a Download with an MD5 Hash5.3 Protecting Stored Data with Cryptography · Sec+ 1.4
- Lab — Hide a Recipient Marker with OpenStego (Steganography)5.3 Protecting Stored Data with Cryptography · Sec+ 1.4, 4.1
- Lab — Protect Bid Files with EFS5.3 Protecting Stored Data with Cryptography · Sec+ 1.4, 2.5
- Lab: Encrypt the System Volume with BitLocker and a TPM5.3 Protecting Stored Data with Cryptography · Sec+ 1.4, 2.5