GLOBAL OPERATIONS MAP
CRITICAL
HIGH
MEDIUM
—
Complete previous assignments first.
Your cybersecurity manager has assigned you to inspect a small company network. Your job is to identify connected devices and understand which services may be exposed.
By the end of this mission, you will understand how analysts identify devices, IP addresses, ports, and services during a basic network investigation.
Run the commands in order. Each one unlocks the next.
Awaiting service scan.
You're transitioning from workstation forensics to network reconnaissance. Map the local network, find a target host, and identify what services it's exposing.
By the end of this mission you'll know how to identify your local IP, test host reachability with ping, discover open ports with nmap, and reason about what those services mean.
Click a command to load it into the terminal, then press Enter to run it. More commands unlock as you progress. Hover or focus a command to learn what it does.
Your cybersecurity manager has flagged unusual traffic on the company network. Your job is to investigate the connections, find out who keeps reaching in, and decide whether it's an early sign of an attack.
By the end of this mission, you will understand how analysts spot reconnaissance — the quiet scanning that attackers do before they strike — and how to respond to weak early signals.
Run the commands in order. Each one unlocks the next.
Awaiting connection review.
You're moving from mapping the network to hunting threats. Something keeps reaching into the network from outside. Review the connections, identify the source, and decide if it's recon.
By the end of this mission you'll know how to read active connections, look up an unknown IP, recognize a probing pattern in the logs, and tell a real threat from a false lead.
Click a command to load it into the terminal, then press Enter to run it. More commands unlock as you progress. Hover or focus a command to learn what it does.
Bringing up the sandboxed analyst workstation. Please stand by.
Awaiting investigation.
Collect critical evidence to unlock containment responses.
You are a new cybersecurity intern. Your manager has asked you to inspect a workstation that may contain a suspicious file. Your job is to use basic Linux commands to investigate safely.
By the end of this mission, you will understand how basic Linux commands help cybersecurity analysts inspect files and identify suspicious behavior.
Open the documents folder and read each file. Most files are harmless — your job is to find the one file that is a real security threat (for example, a message asking someone to share a password or open a suspicious link).
Stuck? Use the Need a hint? button in the Live Status panel.
Click a command to load it into the terminal, then press Enter to run it. More commands will unlock as you investigate. Hover or focus a command to learn what it does.
ls.