Security+ SY0-701 · 9 Labs · Browser-Based

Master Security+
By Doing It.

9 fully interactive, browser-based lab simulations that replicate the exact tools used in production security environments. No VM required. No downloads. Just click and learn.

Get All 9 Labs — $99 → See What's Inside

✅ Instant access after purchase · ✅ 90-day access · ✅ No software installs

// Lab 05 · SY0-701 Obj. 4.4

Implementing Intrusion Prevention

🦭 Snort 3.x Console4 Tasks~30 min

IDS/IPS Snort Rules DROP/ALERT SQL Injection

// Lab 04 · SY0-701 Obj. 4.4

Configuring a Firewall

🛡 wf.msc Simulation3 Tasks

// Lab 06 · SY0-701 Obj. 4.3

Vulnerability Scanning

🔍 Nessus Pro Sim5 Scans

// Lab 03 · SY0-701 Obj. 3.1

Hardening Authentication

// What's Included

All 9 Security+ Labs

Every lab simulates the real tool — the same interface a security professional uses on the job. You're not reading about it. You're doing it.

🎭

Lab 01 · Obj. 2.2

Identify Social Engineering

Six realistic attack scenarios — phishing emails, vishing calls, smishing texts, pretexting, baiting, and spoofed websites. Identify the technique and explain why it works.

Scenario Engine6 Attacks2 Questions

SY0-701 Obj. 2.2 — Social Engineering

🖼

Lab 02 · Obj. 2.3

Hide Files with OpenStego

Steganography simulation using a fully functional OpenStego interface. Embed secret messages in image files, then extract them. Covers covert data exfiltration techniques.

OpenStego SimEmbed & Extract

SY0-701 Obj. 2.3 — Application Attacks

🔑

Lab 03 · Obj. 3.1 & 4.6

Hardening Authentication

Five Windows authentication hardening tasks in simulated secpol.msc, lusrmgr.msc, and UAC interfaces. Configure password policies, restrict accounts, enforce UAC, and set up Smart Card MFA.

secpol.msclusrmgr.mscUACSmart Card

SY0-701 Obj. 3.1 & 4.6 — IAM

🛡

Lab 04 · Obj. 4.4

Configuring a Firewall

Full Windows Defender Firewall with Advanced Security simulation (wf.msc). Navigate the real rule table, use the 5-page New Rule Wizard to create Allow and Block rules, then test them in a live PowerShell terminal.

wf.mscNew Rule WizardPowerShell

SY0-701 Obj. 4.4 — Network Security

🦭

Lab 05 · Obj. 4.4 & 4.5

Implementing Intrusion Prevention

Snort 3.x console simulation with Dashboard, Rules, Alerts, and Config tabs. Write a real DROP rule using the 12-field Rule Builder, validate with snort -T, deploy, then trigger a live SQL injection attack simulation to watch it fire.

Snort 3.xRule BuilderLive Attack Sim

SY0-701 Obj. 4.4 & 4.5 — IDS/IPS

🔍

Lab 06 · Obj. 4.3 & 4.4

Vulnerability Scanning

Full Nessus Professional web UI simulation. Run 5 separate scans: Windows Server, Linux, Domain Controller, FTP Server, and Samba. Real CVEs with CVSS scores, plugin output, and remediation guidance. Includes PrintNightmare, Zerologon, PwnKit, SambaCry, and vsftpd backdoor.

Nessus Pro5 TargetsReal CVEs

SY0-701 Obj. 4.3 — Vulnerability Assessment

🌐

Lab 07 · Obj. 2.3 & 2.4

Web Application Security

OWASP ZAP dark-theme simulation. Spider and active-scan a vulnerable web app for SQL injection, reflected and stored XSS, CSRF, and missing security headers. Click alerts to see the full request/response evidence and remediation.

OWASP ZAPSQLiXSSCSRFCSP

SY0-701 Obj. 2.3 & 2.4 — App Attacks

💾

Lab 08 · Obj. 3.4 & 3.5

Backup and Restore

Windows Server Backup MMC simulation (wbadmin.msc) with a full 5-page Backup Wizard, VSS settings, and animated progress log. Then recover files from a ransomware scenario using the 6-page Recovery Wizard and wbadmin command-line tools.

wbadmin.mscVSSRecovery WizardRansomware Scenario

SY0-701 Obj. 3.4 & 3.5 — Data Protection

📧

Lab 09 · Obj. 2.2 & 4.4

Email Security

Microsoft 365 Defender + Exchange Admin Center simulation. Configure anti-spam, anti-phishing impersonation protection, and Safe Links. Then harden the mail server with SPF, DKIM, DMARC policy deployment, and enforced TLS connectors.

M365 DefenderSPF/DKIM/DMARCExchange EACTLS

SY0-701 Obj. 2.2 & 4.4 — Email Security

// How It Works

Real Scenarios. Real Tools. Zero Setup.

Every lab runs entirely in your browser — no virtual machines, no Kali Linux, no downloads.

Purchase & Access

One payment unlocks all 9 labs instantly. Access them from any browser on any device for 90 days.

Read the Scenario

Each lab opens with a real-world scenario, the exam objective covered, and a pro tip you'd only know from working in the field.

Work the Simulation

Interact with a pixel-accurate tool simulation — click buttons, configure settings, run commands. The sim responds just like the real thing.

Test Your Knowledge

Answer exam-style questions after each task. Immediate feedback tells you not just right or wrong — but exactly why.

// Exam Alignment

Mapped to SY0-701 Objectives

Every lab task is tied directly to a CompTIA Security+ exam objective. You practice exactly what the exam tests.

🎯

Threat Detection & Analysis

Identify social engineering attacks, analyze phishing indicators, detect SQL injection and XSS in web apps, and interpret Snort IPS alerts.

🔧

Security Configuration & Hardening

Configure Windows password policies, UAC, firewall rules, Snort DROP rules, SPF/DKIM/DMARC, and TLS connectors using the exact same interfaces as production environments.

🔍

Vulnerability Assessment

Run authenticated Nessus scans, analyze CVSS scores, read plugin output, and prioritize remediation for Critical/High findings across Windows, Linux, DC, FTP, and Samba targets.

🛡

Incident Response & Recovery

Execute a ransomware file recovery using Windows Server Backup, calculate RPO/RTO gaps, and apply the 3-2-1 backup rule to real recovery scenarios.

SY0-701 Coverage

2.2Explain common threat vectors and attack surfaces — social engineering, phishing, spoofing

2.3Explain various types of vulnerabilities — web app attacks, SQLi, XSS, CSRF

3.1Compare and contrast security controls — authentication hardening, UAC, Smart Card

3.4Explain data protection and privacy practices — backup types, VSS, 3-2-1 rule

4.3Explain processes associated with vulnerability management — Nessus, CVSS, CVEs

4.4Implement network security appliances — firewalls, IDS/IPS, email security, TLS

4.5Implement security techniques in network architecture — Snort IPS inline mode

4.6Implement identity and access management — password policies, DKIM, DMARC

// Your Instructor

Built by Someone Who Does This

👨‍🏫

Prof. Ramiro Salazar, Jr.

CompTIA CySA+ Certified · Founder, CyberPath Academy LLC

Professor Salazar is a working cybersecurity instructor and practitioner. These labs weren't written from a textbook — they were built from real incident response, real penetration testing, and years of teaching students what the exam actually tests. Every scenario, every CVE, and every exam tip in these labs comes from hands-on professional experience.

CompTIA CySA+ Security+ SY0-701 Network+ N10-009 cyberpathacademy.com

// Pricing

One Price. All 9 Labs.

Less than a single chapter in a certification book — and infinitely more useful for the hands-on portions of the exam.

🔬 Security+ Hands-On Labs Bundle

Complete SY0-701 Lab Package

Instant access · 90 days · All 9 labs · No software required

$ 99

One-time payment · All 9 labs unlocked immediately

✅ Lab 01 — Identify Social Engineering (6 scenarios)

✅ Lab 02 — Hide Files with OpenStego (steganography)

✅ Lab 03 — Hardening Authentication (secpol, lusrmgr, UAC, Smart Card)

✅ Lab 04 — Configuring a Firewall (wf.msc + PowerShell)

✅ Lab 05 — Implementing Intrusion Prevention (Snort 3.x)

✅ Lab 06 — Vulnerability Scanning (Nessus Pro — 5 targets)

✅ Lab 07 — Web Application Security (OWASP ZAP)

✅ Lab 08 — Backup and Restore (wbadmin + ransomware scenario)

✅ Lab 09 — Email Security (M365 Defender + SPF/DKIM/DMARC)

✅ 36+ exam-aligned questions with detailed answer explanations

✅ 90-day access from date of purchase

✅ Works on any browser — no VM, no downloads, no installs

Get Instant Access — $99 →

🔒 Secure checkout via Stripe · Questions? Email us at support@cyberpathacademy.com

// FAQ

Common Questions

Do I need to install any software?+

No. Every lab runs entirely in your web browser. No virtual machine, no Kali Linux, no downloads. Open the lab page and start working immediately.

How long do I have access?+

90 days from the date of purchase. That's more than enough time to work through all 9 labs multiple times before your exam.

Are these labs aligned to the current exam?+

Yes. All 9 labs are specifically mapped to CompTIA Security+ SY0-701 objectives. Each lab page shows the exact objective(s) it covers, and every exam-style question references the SY0-701 exam domains.

Will these help with performance-based questions?+

Absolutely. The SY0-701 exam includes performance-based questions (PBQs) that require you to interact with simulated tools. These labs train exactly that skill — configuring firewalls, writing IPS rules, reading vulnerability scan results, and recovering from incidents.

I already have a study guide. Do I still need this?+

Study guides tell you what the tools do. These labs make you use them. Most students find that doing the lab once is worth more than reading about it three times. The hands-on application is what makes concepts stick — and what the exam actually tests.

What if I have questions or need help?+

Email us at support@cyberpathacademy.com. Professor Salazar personally reviews student questions and typically responds within 24 hours on business days.

Master Security+ By Doing It.