Weeks 1–6. Core IT, networking, and operating system fundamentals every technical lab builds on.
Install a hypervisor and stand up your first two virtual machines — a Linux box and a Windows box — that you'll reuse for every lab in this course.
Navigate the filesystem, manage users and permissions, and chain commands together to automate a basic system audit.
Subnet a network by hand, configure static IPs across your VMs, and use ping/traceroute to map the path between hosts.
Capture live traffic on your lab network and identify protocols, source/destination pairs, and plaintext credentials in unencrypted traffic.
Apply baseline security settings to both VMs — disable unused services, enforce password policy, and configure host firewalls.
Stand up a Windows Server domain controller, join a client, and create your first organizational units, users, and group policies.
Weeks 7–12. Offensive security fundamentals — reconnaissance, exploitation, and social engineering, all in a legal lab environment.
Use passive and active recon techniques against a lab target to build a profile of open ports, services, and software versions.
Run an authenticated vulnerability scan against your lab network and triage the results into a prioritized remediation list.
Compromise an intentionally vulnerable machine end-to-end — initial access, privilege escalation, and a documented proof of compromise.
Identify and exploit SQL injection and cross-site scripting in a deliberately vulnerable web app, then write up the findings.
Build a simulated phishing campaign and landing page in a closed lab environment to study how social engineering attacks are constructed.
Detonate a sample in an isolated sandbox VM and analyze its network calls, persistence mechanisms, and file system changes.
Weeks 13–18. Blue team skills — detection, monitoring, incident response, and the cryptography that underpins secure systems.
Deploy a free SIEM, forward logs from your lab VMs, and write your first detection rule for a brute-force login attempt.
Configure an open-source IDS to alert on suspicious traffic patterns you generate yourself from an attacker VM.
Walk through a simulated breach end-to-end — containment, eradication, recovery — and produce a written incident report.
Encrypt and decrypt files using both AES and RSA from the command line, and explain when each approach is the right choice.
Stand up your own certificate authority, issue a server certificate, and configure HTTPS on a lab web server.
Use hashing to verify file integrity, then demonstrate how a single changed byte breaks the hash — the basis for tamper detection.
Weeks 19–24. Risk, compliance, and applied review labs that tie the whole curriculum together ahead of the Security+ exam.
Score a set of sample assets against likelihood and impact to produce a basic risk register and prioritized treatment plan.
Write an acceptable use policy and a password policy for a fictional small business, aligned to common compliance frameworks.
Configure automated backups for a lab VM, then simulate a full failure and execute your own recovery runbook.
Implement role-based access control and multi-factor authentication across your lab domain, then audit who can access what.
A mixed-skills CTF pulling together recon, exploitation, log analysis, and cryptography from every earlier track in one challenge.
Sit a full-length timed practice exam mapped to the SY0-701 domains, then review every missed question against the relevant lab.
All 24 labs are free, self-paced, and designed to be done in order alongside the 24-week curriculum.
Enroll Now — It's Free