This 45-minute lab teaches learners Windows and Linux security configuration fundamentals, including tools, terminology, theory, and techniques. Participants check their knowledge of and fill gaps on how to monitor systems using logs, stop antimalware, use encryption, secure remote machines, and apply baseline recommendations to standardize user permissions.
This guided challenge trains learners with a background in at least one of the following: networking, system services, handling active and passive cyber attacks, traffic routing, cryptography, accessing tools for remote computing, and setting permissions for users. Each lab module presents a set of multiple-choice questions with hints and an answer key at the end.
Understanding the Scenario:
In this lab, you are a systems administrator responsible for advising the IT staff on security concerns. You need to test your general knowledge of security tools, anti-malware, and encryption methods. First, you identify log file management tools, and then you identify anti-malware utilities and practices. Next, you identify encryption methods, and then you identify remote security practices on servers. Finally, you identify baseline security tools.
This section informs learners about Windows and Linux logging tools used to manage and monitor server security. They review logging tools like Linux rsyslog and logrotate and Windows event manager. They learn the Linux /var/log path contains all the logs. Learners test their knowledge of the three kinds of Windows logging flags (error, warning, and information), where to find archived information, and log alert configuration.
This module covers the Linux rsyslog and logrotate tools and Windows Event Viewer, as well as the logging tools' purposes. The user ends this lab portion knowing what server tools to use.
Antimalware and Monitoring:
This virtual lab portion covers anti-malware software fundamentals in Windows. Learners test their knowledge about antivirus tools: Windows Defender, antivirus updates, firewalls, and virus entry points. The lab cautions that removable media and email represent security risks and that viruses spread through these channels.
Symmetric and Asymmetric Encryption:
Learners review their knowledge and terminology about encryption, including symmetric, asymmetric, public, and private keys, LUKS, and BitLocker. Then they test their understanding of file integrity and hash cryptography, used to ensure that a file sent does not change before it is received. Learners brush up on the purpose of a certificate file, which is to store a public key. The knowledge applies to Linux and Windows.
Remote administration by using PuTTY and SSH:
This portion of the lab recaps best practices for Windows and Linux remote administration by using PuTTY and secure shell (SSH). PuTTY is a terminal emulator on Windows, permitting software to run from a remote Linux SSH server. SSH is a protocol that secures communications between two machines through a network service.
Learners get quizzed on SSH tasks, ports, and authentication processes. SSH uses key-based authentication for packets sent and received across the network.
Baseline Settings and Permissions:
The questions in this lab section review techniques for setting user permissions and awareness of Microsoft Baseline Security Analyzer. The instructions explain that assigning user permissions by group streamlines access and restrictions to network resources.
After this lab, learners take away knowledge about security techniques, tools, and terms. They have a better understanding of:
- Log file management utilities.
- Antimalware and monitoring utilities.
- Symmetric and asymmetric encryption.
- Remote administration concepts.
- Baseline and permissions utilities.
Learners can now apply the skills gained in this lab to leverage built-in Linux and Windows security tools and to keep Linux and Windows systems safe through fundamental cryptographic, SSH, and permission settings.