Your Demo Progress

0%
Interactive Terminal Lab
PBQ 1: Network Security Setup
PBQ 2: Enterprise Network Design
Practice Questions (0/5)
Virtual Lab: Linux Security Administration
Hands-On Experience
Lab Scenario: Security Audit & System Hardening
You are a cybersecurity analyst at TechCorp Inc. The IT director has asked you to perform a security audit on a Ubuntu Linux server that will host sensitive customer data. Your task is to assess the current security posture and implement basic hardening measures to prepare the system for production deployment.

What You'll Learn & Accomplish:

  • User Privilege Assessment: Verify current user permissions and understand privilege escalation risks
  • Process Monitoring: Identify running services and potential security vulnerabilities
  • Network Security Analysis: Discover open ports and network services that could be attack vectors
  • Log Analysis: Review authentication logs to detect suspicious activities
  • File System Hardening: Implement proper file permissions to protect sensitive data

Security Audit Tasks - Execute Each Command:

  1. Verify User Identity: whoami
    Purpose: Confirms your current user context and privilege level - essential for security assessments
  2. Audit Running Processes: ps aux
    Purpose: Identifies all running processes to detect unauthorized services or potential malware
  3. Network Port Scanning: netstat -tuln
    Purpose: Lists all open network ports to identify potential attack surfaces and unnecessary services
  4. Authentication Log Review: tail -n 10 /var/log/auth.log
    Purpose: Examines recent login attempts and authentication events to detect intrusion attempts
  5. Secure File Permissions: chmod 755 /tmp/secure_file
    Purpose: Sets proper file permissions (owner: read/write/execute, group/others: read/execute only)

Ubuntu Server 20.04 LTS - Security Lab Environment

Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-74-generic x86_64)
*** System Information ***
Last login: Mon May 27 10:30:15 2025 from 192.168.1.100
Security Lab Environment Ready - Begin your audit!
student@security-lab:~$ _
student@security-lab:~$
Audit Progress: 0/5 security checks completed

Security Audit Complete! Skills Mastered:

System Administration

User privilege verification and process monitoring

Network Security

Port scanning and service identification

Log Analysis

Authentication log review and threat detection

File System Security

Permission management and data protection

PBQ 1: Network Security Configuration
Performance-Based Question
Scenario: Small Office Network Security Setup
You are the IT administrator for a growing small business with 25 employees. The company handles sensitive customer data and needs to implement proper network security measures. Your task is to identify the appropriate security controls and place them in the correct network locations to create a comprehensive defense-in-depth strategy.

Learning Objectives & Real-World Skills:

  • Defense-in-Depth Strategy: Understanding layered security approach across network zones
  • Security Control Placement: Knowing where to deploy specific security measures for maximum effectiveness
  • Network Security Architecture: Designing secure network topology with proper segmentation
  • Risk Assessment: Identifying potential attack vectors and implementing appropriate countermeasures
Available Security Measures
Next-Generation Firewall
Intrusion Detection System
Endpoint Antivirus
Data Encryption
VPN Gateway
Network Security Zones
Network Perimeter
Drag security measure here
Internal Network
Drag security measure here
End-User Devices
Drag security measure here
Sensitive Data Storage
Drag security measure here
Remote Access
Drag security measure here
PBQ 2: Enterprise Network Security Design
Performance-Based Question
Scenario: Secure Corporate Network Implementation
MegaCorp is expanding their headquarters and needs a secure network infrastructure for their new office building. As the network security architect, you must design and configure a robust network topology that protects sensitive financial data, ensures reliable connectivity, and maintains compliance with industry security standards. The network will serve 200+ employees across multiple departments with varying security clearance levels.

Learning Objectives & Real-World Skills:

  • Network Architecture Design: Plan enterprise-grade network topology with security zones
  • Device Configuration: Configure routers, switches, firewalls, and servers for optimal security
  • Security Policy Implementation: Apply defense-in-depth principles across network layers
  • Network Segmentation: Implement VLANs and access controls for data isolation
  • Compliance & Best Practices: Meet regulatory requirements and industry standards

Enterprise Network Topology

Select each network device below and configure it
Core Router
Managed Switch
Security Firewall
Application Server
Internet / WAN
Public Network
DMZ - 192.168.100.0/24
Public Servers
Internal LAN - 192.168.1.0/24
Corporate Network
Core Router
Next-Gen Firewall
L3 Switch
Web Server
DB Server
192.168.1.1
192.168.1.254
192.168.1.2
192.168.100.10
192.168.100.11
👆 Click on a network device above to configure its security settings

Select a device from the network diagram to view and configure its security parameters. Each device has specific configuration options that affect overall network security.

Practice Questions: CompTIA Security+ Exam Prep
5 Questions

Confirm Submission

Are you sure you want to submit all your answers? You won't be able to change them after submission.

Success!
Your action was completed successfully.