Day 3: Linux command line
Most servers and security tools run on Linux. Today you practice the command line, file permissions, and log locations that analysts use during investigations and hardening reviews.
Today's outcome: You can navigate Linux, read logs, and understand permissions — essential for SOC and hardening work.
Week progress
Day 3 of 7
- 1
Security mindset & threat basics
- 2
Networking for security
- 3
Linux command line
You are here
- 4
Web security introduction
- 5
SOC & log awareness
- 6
First hands-on lab
- 7
Pick your career direction
Goals
Learning objectives
By the end of today you should be able to:
- Navigate directories and manage files from the terminal
- Interpret file permissions (chmod) and ownership (chown)
- Locate and skim authentication logs (e.g. auth.log patterns)
- Complete at least one hands-on checklist task from the tutorial
Schedule
Suggested schedule
Adjust timing to your pace — aim for one focused block per day.
- Tutorial~40 min
Follow Linux basics for cybersecurity — commands, users, permissions, logs.
- Lab prep~15 min
Set up a Linux VM or use the platform lab environment if available.
- Practice~15 min
Run ls -la, cat a log snippet, and change permissions on a test file.
- Notes~10 min
Document five commands you will use again this week.
Learn
Mapped learning resources
These links connect this day to tutorials, labs, roadmaps, and reference material on PentesterWorld.
Linux essentials for cybersecurity
Commands, users, permissions, processes, services, and logs for security work.
Open resourceLinux permissions glossary
chmod, chown, and permission models explained.
Open resourceLinux security hardening (preview)
Preview tomorrow’s hardening path — SSH, updates, and baseline configs.
Open resourceBeginner roadmap — Linux module
Linux competency in the beginner cybersecurity roadmap.
Open resourceConcepts
Key terms for today
Notebook
Reflection prompts
Copy these into your learning notebook — answers become portfolio material later.
- What does drwxr-x--- mean on a directory listing?
- Where would failed SSH logins appear on a typical Linux server?
- Which command shows running processes?