Setup Guide For CySA+


Setup Guide

Official CompTIA CySA+® (Exam CS0-002)


This guide will help you to prepare to deliver an Official CompTIA Content for CySA+ course. It contains
tips for planning and delivering the course, plus requirements and setup instructions for delivering the
lab activities. Please take the time to familiarize yourself with the content of the entire course, including
its organization and instructional approaches. You should review each of the activities and exercises so
you can facilitate them during the learning event.

Preparing to Teach

Official CompTIA Content is created around four core principles: supporting the modern learner, focusing
on job roles and objectives, sound instructional design, and integrating active learning.

1) Support the Modern Learner: Official CompTIA Content for CySA+ is designed with the modern
student and classroom in mind, ensuring success whether the course format is co-located or
remote, synchronous or asynchronous, continuous or modular. Instructors will find best practices
and recommendations within the notes section of the Instructor PowerPoints specific to the various
course formats.

2) Focused on Job Roles and Objectives: CertMaster Learn content is organized into Courses,
Lessons, and Topics, and aligns training to work in the real world. Courses such as CySA+ reflect a real
job role, Lessons refer to functional areas within that job role, and Topics relate to discrete job tasks.

3) Sound Instructional Design: The content within Topics is presented in an instructional hierarchy
that thoughtfully offers knowledge, procedural tasks, and hands-on Activities that require that
students put the knowledge they have gained into practice. This approach keeps the student
engaged, ensures success with the learning outcomes, and reinforces the core concepts to ensure
long term retention of new ideas.

4) Integrate Active Learning: Each Topic has a review Activity designed to enable students to reflect
upon and discuss the subject matter. Additional hands-on and scenario-based Activities are
positioned throughout the Course. These Activities present a job-plausible scenario or job-realistic
assignment and then provide step by step instructions for how to approach the problem at hand.
Activities may also require the student to analyze sample data, engage in structured discussion, or
analyze case studies.

The Official CompTIA® CySA+® Instructor Guide (Exam CS0-002) Setup Guide
Copyright © 2020 CompTIA, Inc. | 1
Obtaining Course Resources

In addition to the curriculum itself, Microsoft® PowerPoint® slides, data files, and other course-specific
support material may be available by downloading the files from the course website. Be sure to obtain
the course files prior to your learning event and make sure you distribute them to your students.

Setting Up Lab Activities

Lab activities are an important aspect of the course where students can apply and practice their
understanding of the concepts. There are two ways that the lab activities can be delivered in your
course:

■ Classroom-hosted environment: Students can complete their lab activities on host computers set
up in the classroom. Directions on how to set up student HOST computers are detailed later in this
guide. To ensure that the course runs smoothly, please try to set up and test the activities on the
target hardware before starting the course presentation. Remember, you can contact Support at
help.comptia.org/hc/en-us/requests/new to assist with setup or other issues.

■ CompTIA Labs: Hosted by Learn on Demand Systems, CompTIA Labs are virtual labs that allow
students to learn in actual software applications through a remote lab environment. The labs align
with the hands-on Activities in CertMaster Learn for CySA+ and allow students to practice what they
are learning using real, hands-on experiences. Students have access to the software environment
for 6 months after they redeem their access key, providing a fantastic resource for students to
practice their skills. CompTIA Labs have many benefits:

○ On-Site Learning: Simplifies and reduces lab setup time for instructors.
○ Virtual Instructor-Led Training: Provides remote learners with browser-based access to the
necessary software, no matter their location, as long as they have an internet connection.
○ Asynchronous: Enables students to complete activities on their own for a seamless learning
experience.
○ Self-Study: Students self-studying can work through activities hands-on, at their own pace.
Find more information about CompTIA Labs and how to purchase them at store.comptia.org

LICENSED FOR USE ONLY BY: HILMA · 21493881 · NOV 25 2021


Presentation Planning

Within the instructional design hierarchy, the course structure tries to follow the exam objectives
domain structure as far as possible, but some objectives have been moved about so as to make the
topics flow better and to eliminate duplications. The course is designed to be as modular as possible, so
that you can use the content as flexibly as you wish.

Suggested timetables are available to download from the course website. You will need to adjust these
timings to suit your audience. With the latest revision of the certification exams and corresponding
exam objectives, a significant amount of new content has been added to this edition of the course. You
might need to employ time-saving techniques:

■ Ask participants to pre-read some of the content as "homework" to reduce class time spent on that
topic.

■ Summarize a topic in overview, and then answer questions during a later session when students
have had a chance to study it in more detail.

■ Reduce the number of activities you try to cover to focus on the topic content. If you are using
CompTIA Labs, students can attempt the activities outside of class time. There are no dependencies
between the lab activities, so they do not have to be completed in sequence or at all.

■ Throughout the course, when software or applications are being installed or updated that might
take considerable time, consider having students start the install or update, then present the related
content. You might also consider having the install or update begin before a scheduled classroom
break.

Other Tips

Here are some useful tips for presenting the CertMaster Learn for CySA+ for Instructor-Led Training course.

■ If you will have remote participants for your class, it is strongly recommended that you position a
camera directly above a work area so that remote students can watch as you or other participants
work with the various hardware components throughout the course.

■ Software vendors mentioned in this course may at any time deploy software updates digitally,
resulting in changes that may not be reflected dynamically in this course. Stay up to date with
product updates and be ready to adapt the material to any changes in the user interface.

Lab Set-up Guide
The CompTIA CySA+ (CS0-002) course uses Virtual Machine (VM)-based hands-on activities. In most of
the activities, students will work independently but with your support, using VMs that you have installed
on their Hyper-V HOST computers, using the instructions in this course setup guide.

In the course of working through the activities included with this course, students will be using various
cybersecurity tools and intentionally vulnerable host systems. The use of some cybersecurity tools and
techniques is prohibited by law in some countries. You are responsible for ensuring that use of these
activities does not contravene any laws, regulations, or policies that you may be subject to. These
activities are for use on private systems only and we strongly recommend such systems are provided
for activity use only and "sandboxed" in a way that makes them unable to access other networks or
systems storing important or sensitive data or credentials. Under no circumstances should the tools
and/or sample files provided as part of these activities be used or installed in any other context.

Caution: Neither the author nor publisher shall be liable for any direct, indirect, special, incidental, or consequential
damages arising out of the use, misuse, or the inability to use the contents of this course.

The Hyper-V lab network is based around three zones, representing a local network, an ISP, and an
internet. VyOS VMs perform routing between the networks. There are various Windows and Linux
servers and clients. The pfSense router/firewall is substituted for the local VyOS router in some
activities.

Lab network topology.

The CySA+, Security+ (SY0-501) 2019 Update, Network+ (N10-007) 2019 Update, and A+ (220-1000) OCC
courses use the same basic lab environment. If you have already set up one of these environments, you
can choose to update the environment rather than use the primary set up process. Please follow the
option that best applies:

1) I have not previously set up a CompTIA OCC course—Review the Equipment Requirements and then
follow the steps in the primary Setup Process.

2) I have previously set up a CompTIA OCC Security+ or Network+ course—Perform the additional
steps listed under Updating an Existing OCC Security+ or Network+ Environment.

3) I have previously set up a CompTIA OCC A+ course—Perform the additional steps listed under
Updating an Existing OCC A+ Environment.

If you have any difficulty in completing setup, please contact CompTIA at
help.comptia.org/hc/en-us/requests/new

Equipment Requirements
The VM-based activities require one PC per student and one PC for the instructor set up in a classroom
network. In these setup notes and student activities, the physical PC used for virtualization is referred to
as the HOST.

Student HOST PC Requirements


The activities use multiple VMs running simultaneously so that each student can set up their own virtual
network and complete the activities independently. Consequently, the activities require a relatively high
specification machine for the HOST. These are recommended minimum specifications:

■ Windows 10 x64 Professional/Enterprise Branch 1803 or later with Hyper-V installed.

The activities should work the same on any Hyper-V platform that can support Generation 2 and VM configuration
version 8.0 but have only been tested on Windows 10 1803 and Windows 10 1809.

■ 2 GHz multi-core x64 CPU with virtualization support.

■ 8–16 GB RAM.

We have tried to design the activities so that they will run within an 8 GB HOST instance, but VM performance will be
limited. A 12 or 16 GB HOST instance will offer better performance.

■ 200 GB free disk space. An SSD will deliver much better performance than an HDD.

■ DVD-ROM drive.

■ Ethernet network card (supported by Windows host OS).

■ Internet access/IP—some activities require web access from the HOST. VMs should not be
connected to the Internet or to the physical classroom network.

You will need product ISOs and (where applicable) product keys/licenses for the following x64 software:

■ 2x Windows Server 2016 Standard Edition.

■ Windows 7 Professional/Enterprise x64 Edition SP1 (Build 7601).

■ Windows 10 Professional/Enterprise x64 Edition (Build 1803).

If you do not have the specific build available, future versions of Windows 10 or Server 2016 should not substantially
affect the activity steps. Windows 7 must have SP1 installed.

Instructor HOST Computer


You can configure the instructor PC in the same way as the student HOST PCs so that you can
demonstrate the activity steps. The following additional items will be useful.

■ PowerPoint or PowerPoint Viewer.

■ Large monitor or screen to display the slides.

■ An Internet connection for demonstrating websites and other Internet resources will be useful but
not essential.

■ Packet capture software such as Wireshark will be useful when covering the networking topics to
show students examples of frames, packets, segments, and application protocol headers. All the
VMs will have Wireshark installed but you may also want to install it to the HOST.

Setup Process
The setup process for the VM-based activities involves the following phases:

1) Prepare the HOST PC Hyper-V environment and download the VM images and data files.

2) Import the VyOS and Linux VMs from the preconfigured images.

3) Install the Windows Server VMs using your setup media and licenses and configure them by running
the supplied scripts.

4) With the Windows Server VMs running, install the Windows desktop VMs using your setup media
and licenses and configure them by running the supplied scripts.

5) Create checkpoints for each VM to allow the activity environment to be reset.

Because students will have access to dual-use tools and malware examples, plus intentionally
vulnerable OS instances (LX1 and LAMP) and Windows installations with weak passwords, you must take
care to prevent misuse of the VMs. The VMs should not be permitted to connect to the Internet.

Some activities assume use of the web. If you do not want to allow Internet access on the Hyper-V HOST
PCs, use different PCs for those activities or specify them as self-study, or omit them.

Phase 1. First Steps


Within the classroom network you set up, prepare each HOST PC by completing the following steps. This
part of setup should take about an hour, depending on the speed of your Internet connection.

1) Perform a default Windows 10 x64 Professional/Enterprise Edition Build 1803 installation on the
HOST PC.

2) Create a local administrator account for the student to use to run Hyper-V. Make sure the student is
provided with the appropriate credentials to sign into the HOST PC.

3) Use Programs and Features > Turn Windows features on or off to enable Hyper-V. Make sure the
management tools and PowerShell module are enabled for Hyper-V.

4) Open Hyper-V Manager and select Hyper-V Settings from the Actions pane. Configure the following
settings:

○ Select the Virtual Hard Disks node, and in the Specify the default folder box, enter C:\COMPTIA-LABS
○ Select the Virtual Machines node, and in the Specify the default folder box, enter C:\COMPTIA-LABS
○ Select the Enhanced Session Mode Policy node then check the Allow enhanced session mode
check box.

5) Select OK.

6) Either disable security software on the HOST or create exceptions for the following folders:

○ C:\COMPTIA-LABS
○ C:\COMPTIA-LABS-mups

7) Use the following link to download the setup script:

https://benchprepinstructors.s3.amazonaws.com/COMPTIA-LABS/GETVMS3.zip

8) Extract the contents of the zip to C:\.

You should now have the following files in C:\COMPTIA-LABS:

○ C:\COMPTIA-LABS\getvms.ps1
○ C:\COMPTIA-LABS\getvms-cysaonly.ps1
○ C:\COMPTIA-LABS\getvms-update.ps1
○ C:\COMPTIA-LABS\comptia-labs1-hashes.txt
○ C:\COMPTIA-LABS\comptia-labs2-hashes.txt
○ C:\COMPTIA-LABS\comptia-labs3-hashes.txt
○ C:\COMPTIA-LABS\comptia-labsody-hashes.txt
The setup files are split across multi-part self-extracting archives. You can use the getvms.ps1 script
to download them.

9) On the HOST PC, open a PowerShell prompt with elevated privileges (right-click Start and select
Windows PowerShell (Admin)).

10) Execute the following commands:

Set-ExecutionPolicy Unrestricted
[Confirm with Y]
C:\COMPTIA-LABS\getvms.ps1

The script will download each archive part to the folder C:\COMPTIA-LABS-mups and verify it against
its precomputed hash. If the download is successful, the script will extract the files to C:\COMPTIA-LABS.

By default, the script will also download an ISO file containing Windows malware, including the EICAR test
string, Actual Keylogger, Cain, and Netcat. This disc image is used to complete part of anti-virus activities in A+
and Security+ courses. If you do not want to retrieve this file, comment out the marked section of the getvms
script.

If a part is not validated, an error will be written to C:\COMPTIA-LABS-mups\_errors.txt. Use the links in
that file to download missing or corrupted parts individually. When you have downloaded all the
parts, complete the following steps to extract the files manually—you do NOT need to complete
these steps if the script has executed without errors:

a) Once all the archive parts have been downloaded successfully, run C:\COMPTIA-LABS-MUPS\COMPTIA-LABS1.exe.
b) In the Extract to box, enter c:\

Extract files to the c:\ drive

c) Select the Extract button. The folders and files will be extracted to the C:\COMPTIA-LABS folder
(check the screenshot below to confirm the layout).
d) Repeat to extract C:\COMPTIA-LABS-MUPS\COMPTIA-LABS2.exe and C:\COMPTIA-LABS-MUPS\COMPTIA-LABS3.exe.
Note that some files and folders will be overwritten—this is expected behavior.
e) Copy the odysseus.iso file to C:\COMPTIA-LABS

11) Obtain the product ISOs plus an appropriate product key and/or license for each Windows OS.
Please note that CompTIA cannot provide you with Windows media or licenses. Contact your
Microsoft licensing partner.

12) You need to specify the location of your Windows media ISO installation files:

• EITHER: open the C:\COMPTIA-LABS\setupvms3-winservers and C:\COMPTIA-LABS\setupvms4a-winclients
scripts for editing in the Windows PowerShell ISE and adjust the
values of the variables $win2016iso, $win10iso, $win7iso to the paths to your Windows
installation media ISO files.

• OR: rename your ISOs to C:\COMPTIA-LABS\win2016.iso, C:\COMPTIA-LABS\win10.iso, and
C:\COMPTIA-LABS\win7.iso

The scripts configure the VMs with a conservative amount of system memory. You can edit the scripts to increase this
(-MemoryStartupBytes) if you have more than 8 GB available on the HOST (or adjust the settings in Hyper-V
afterwards).

Layout of C:\COMPTIA-LABS with all downloads extracted and ISOs copied to the suggested filenames.

13) Install the following software on the HOST PC:

c:\COMPTIA-LABS\autopsy-4.10.0-64bit.msi
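
Added example (not part of the supplied CompTIA scripts): a PowerShell check for archive parts that were downloaded by hand after an error was logged in _errors.txt, so they can be compared with the hash lists before they are extracted. The layout of the hash list files is not shown in this guide, so the function assumes one hex digest and one file name per line and picks the algorithm from the digest length; Test-ArchivePart and the demo file names are hypothetical.

```powershell
# Added example; not part of getvms.ps1. Assumption: every usable line in a
# hash list holds one hex digest and one file name (no spaces), in any order.
function Test-ArchivePart {
    param(
        [Parameter(Mandatory)] [string] $HashList,    # e.g. C:\COMPTIA-LABS\comptia-labs1-hashes.txt
        [Parameter(Mandatory)] [string] $PartFolder   # e.g. C:\COMPTIA-LABS-mups
    )
    # Hex digest length -> algorithm name accepted by Get-FileHash.
    $algorithms = @{ 32 = 'MD5'; 40 = 'SHA1'; 64 = 'SHA256'; 96 = 'SHA384'; 128 = 'SHA512' }

    foreach ($line in Get-Content -LiteralPath $HashList) {
        $tokens = @($line -split '\s+' | Where-Object { $_ })
        $digest = $tokens |
            Where-Object { $_ -match '^[0-9A-Fa-f]+$' -and $algorithms.ContainsKey($_.Length) } |
            Select-Object -First 1
        $name = $tokens | Where-Object { $_ -ne $digest } | Select-Object -First 1
        if (-not $digest -or -not $name) { continue }   # header, comment or blank line

        $algorithm = $algorithms[$digest.Length]
        # Use only the leaf name so a path in the list cannot point outside the folder.
        $leaf = Split-Path -Leaf ($name.TrimStart('*'))
        $path = Join-Path $PartFolder $leaf

        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
            $status = 'Missing'
        }
        elseif ((Get-FileHash -LiteralPath $path -Algorithm $algorithm).Hash -eq $digest) {
            $status = 'OK'          # -eq on strings ignores case
        }
        else {
            $status = 'Mismatch'    # corrupted or altered: download the part again
        }
        [pscustomobject]@{ File = $leaf; Algorithm = $algorithm; Status = $status }
    }
}

# Constructed demo: two stand-in parts and a hash list in a temporary folder.
# part2.bin is listed with a wrong digest and part3.bin is never created.
$demo = Join-Path ([IO.Path]::GetTempPath()) ('hashdemo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $demo | Out-Null
Set-Content -LiteralPath (Join-Path $demo 'part1.bin') -Value 'constructed sample data 1'
Set-Content -LiteralPath (Join-Path $demo 'part2.bin') -Value 'constructed sample data 2'
$good = (Get-FileHash -LiteralPath (Join-Path $demo 'part1.bin') -Algorithm SHA256).Hash
$list = Join-Path $demo 'hashes.txt'
@("$good  part1.bin", "$('0' * 64)  part2.bin", "$good  part3.bin") |
    Set-Content -LiteralPath $list

Test-ArchivePart -HashList $list -PartFolder $demo | Format-Table -AutoSize
Remove-Item -LiteralPath $demo -Recurse -Force
```

Extract an archive part only when its row reports OK; a Mismatch or Missing row means the part has to be downloaded again first.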

Phase 2. Importing the VyOS and Linux VMs
Verify that the prebuilt VM folders are downloaded and installed to the C:\COMPTIA-LABS folder as
shown in the screenshot above.

1) On the HOST PC, open a PowerShell prompt with elevated privileges (right-click Start and select
Windows PowerShell (Admin)).

2) Execute the following commands (assuming ExecutionPolicy is already set to Unrestricted):

C:\COMPTIA-LABS\setupvms1-switches
C:\COMPTIA-LABS\setupvms2-linux
C:\COMPTIA-LABS\setupvms2b-cysa

These scripts will create the virtual switches used in the activities, import the preconfigured VMs to
your Hyper-V server, and start the RT1-LOCAL VM. The remainder of setup should take about
another hour, depending on the speed of the HOST PC.
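
Added example (not one of the supplied setup scripts): a PowerShell check that the lab VMs stay off the physical classroom network and the Internet, judged by the type of Hyper-V virtual switch each VM network adapter is attached to. Get-AdapterExposure and the switch names in the demo are hypothetical; the sample objects are constructed so that the logic runs without a Hyper-V host.

```powershell
# Added example; not one of the setupvms scripts.
# Hyper-V switch types: Private  = VM-to-VM traffic only,
#                       Internal = VMs plus the HOST,
#                       External = bound to a physical NIC on the HOST.
function Get-AdapterExposure {
    param(
        # Objects with VMName and SwitchName, e.g. from Get-VMNetworkAdapter.
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Adapter,
        # Objects with Name and SwitchType, e.g. from Get-VMSwitch.
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $VMSwitch
    )
    $typeByName = @{}
    foreach ($sw in $VMSwitch) { $typeByName[$sw.Name] = [string]$sw.SwitchType }

    foreach ($nic in $Adapter) {
        if (-not $nic.SwitchName)                           { $type = 'None' }
        elseif (-not $typeByName.ContainsKey($nic.SwitchName)) { $type = 'Unknown' }
        else                                                { $type = $typeByName[$nic.SwitchName] }

        $verdict = switch ($type) {
            'External' { 'EXPOSED: switch is bound to a physical NIC' }
            'Internal' { 'REVIEW: HOST can reach this VM; check the HOST for NAT or ICS' }
            'Private'  { 'Isolated: VM-to-VM traffic only' }
            'None'     { 'Not connected to any switch' }
            default    { 'REVIEW: switch not found in the supplied list' }
        }
        [pscustomobject]@{
            VM      = $nic.VMName
            Switch  = $nic.SwitchName
            Type    = $type
            Verdict = $verdict
        }
    }
}

# Constructed sample objects standing in for Get-VMNetworkAdapter and
# Get-VMSwitch output. VM names come from this guide; switch names are made up.
$sampleSwitches = @(
    [pscustomobject]@{ Name = 'demo-private';  SwitchType = 'Private'  }
    [pscustomobject]@{ Name = 'demo-internal'; SwitchType = 'Internal' }
    [pscustomobject]@{ Name = 'demo-external'; SwitchType = 'External' }
)
$sampleAdapters = @(
    [pscustomobject]@{ VMName = 'DC1';       SwitchName = 'demo-private'  }
    [pscustomobject]@{ VMName = 'RT1-LOCAL'; SwitchName = 'demo-internal' }
    [pscustomobject]@{ VMName = 'LAMP';      SwitchName = 'demo-external' }
    [pscustomobject]@{ VMName = 'PC1';       SwitchName = $null           }
)
Get-AdapterExposure -Adapter $sampleAdapters -VMSwitch $sampleSwitches |
    Format-Table -AutoSize

# On a lab HOST, from an elevated prompt with the Hyper-V module loaded:
#   Get-AdapterExposure -Adapter (Get-VM | Get-VMNetworkAdapter) -VMSwitch (Get-VMSwitch)
```

Running the live form again after the checkpoints are created, and before each class, catches a VM that was re-attached to an External switch in the meantime.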

Phase 3. Installing the Windows Server VMs


The Windows VMs use an attended install and are then configured by running several PowerShell
scripts. You need to select the appropriate date and time plus product key information for each
Windows Server VM.

1) Execute the following command in the elevated PowerShell prompt:

C:\COMPTIA-LABS\setupvms3-winservers

The script will configure each VM and add the appropriate Windows ISO file to the virtual DVD drive.

The script will remove any existing VMs with the same name as those used in the activities and delete the
associated VHDs.

2) Open the Hyper-V management console. Verify that the RT1-LOCAL VM is running.

3) Open session consoles for each Windows Server VM (DC1 and MS1). Complete the following steps
on each VM:

○ Start the VM, and then in its connection window, press a key to boot from the setup disc.
○ Choose the appropriate time/currency and keyboard formats, and then select Install Now.
○ Enter your product key if prompted.
○ Select the Server 2016 Standard (Desktop Experience) option.
○ Accept the license agreement.
○ Select a Custom installation.
○ Accept the default disk options and select Next to start installation.

Configuring the DC1 VM

Once installation is complete, you will run some scripts to configure the DC1 VM. This VM will run AD,
CA, DNS, and IIS. Make sure you complete ALL these tasks before you try to configure the client VMs.

If you experience any problems running the scripts, comment out the "restart" command if it is present so that you can
read any error message more easily or execute them selectively in the PowerShell ISE.

1) When setup is complete, on the Customize Settings page, enter Pa$$w0rd in the Password and Reenter
password boxes, and then select Finish.

2) In the Connect to DC1 dialog box, set the VM console window to an appropriate resolution. Select
Show options, check the Save my settings for future connections on this virtual machine box,
and then select the Connect button.

If no "Connect to" dialog is shown, verify that the connection is working in Enhanced session mode (View menu). If the
Enhanced session mode option is greyed out, logon then restart the VM.

3) Sign into the VM as Administrator with Pa$$w0rd

4) On the HOST, open C:\COMPTIA-LABS and copy the LABFILES folder.

5) In the DC1 VM, open File Explorer, then paste the copied folder in the root of the C: drive.

6) When file copy has completed, open PowerShell and run the following script:

Set-ExecutionPolicy Unrestricted
[Confirm with Y]
c:\labfiles\dc1-setup1

Always ensure you are opening the 64-bit PowerShell environment—NOT PowerShell (x86).

7) When the DC1 VM reboots, sign back in as Administrator. Open PowerShell and run the following
script:

c:\labfiles\dc1-setup2

8) When the DC1 VM reboots, sign in to the domain as Administrator.

9) Open PowerShell.

10) Point to the network status icon. If the network is listed as "Network" or "Unidentified," run the
following command:
c:\labfiles\RestartNLA

11) Point to the network icon—it should now be identified as "corp.515support.com."

This script will be set to run as a task at startup but if NLA does fail to identify the domain profile during the activities,
get students to run this script manually and restart the DHCP server on MS1.

12) In PowerShell, run the following script:

c:\labfiles\dc1-setup3

13) Leave the DC1 and RT1-LOCAL VMs running while you complete configuration of the other VMs.

Configuring the MS1 VM

You will run some scripts to configure the MS1 VM. This VM will run DHCP, IIS, and a third-party email
server (hMail).

1) When setup is complete, on the Customize Settings page, type Pa$$w0rd in the Password and Reenter
password boxes, and then select Finish.

2) In the Connect to MS1 dialog box, set the VM console window to an appropriate resolution. Select
Show options, check the Save my settings for future connections to this virtual machine box,
and then select the Connect button.

3) Sign in as Administrator with Pa$$w0rd.

4) Open PowerShell and run the following script:

Set-ExecutionPolicy Unrestricted
[Confirm with Y]
\\DC1\labfiles\ms1-setup1
[Confirm with R]

5) When the MS1 VM has restarted, sign back in as 515support\Administrator.

6) Select Start, right-click Windows PowerShell, and select More > Run as administrator. At the UAC
prompt, select Yes. Run the following script:

\\DC1\labfiles\ms1-setup2
[Confirm with R]

7) To complete setup, install the hMailServer application.

○ Run the C:\LABFILES\hMailServer-5.6.6.exe setup program.


○ Complete the setup wizard by accepting the defaults and using Pa$$w0rd when prompted for
installation credentials.
○ When the program has installed, in the Connect dialog box, check Automatically connect at
startup, and then select the Connect button. Input Pa$$w0rd to logon.
○ Select the Add Domain button.
○ In the Domain box, type 515support.com and then select Save.
○ Expand Settings > Protocols and select SMTP, then select the Delivery of e-mail tab.
○ In the Local host name box, type mail.515support.com and then select Save.
○ Under Settings select Logging then check the Enabled box. Under Log, check Application, SMTP,
and IMAP, and then select Save.
○ Expand Settings > Advanced then select Auto-ban and uncheck the Enabled box. Select Save.
○ Under Settings > Advanced select Scripts then check the Enabled box.
○ Select Show scripts. Navigate to C:\LABFILES and then double-click the ms1-hmail VBscript. In
the confirmation prompt, select OK.
○ In hMailServer Administrator, select Save.
○ Expand Domains > 515support.com and select Accounts to verify that the domain accounts
have been added.

If the accounts are not added, investigate connectivity problems between DC1 and MS1, such as NLA setting an incorrect
firewall profile.

○ Select Exit.

8) Leave the DC1, MS1, and RT1-LOCAL VMs running while you complete configuration of the other
VMs.

Phase 4. Installing the Client VMs
You need to select the appropriate date and time plus product key information for the Windows 10,
Windows 7, and (optionally) Windows 8.1 VMs.

1) On the HOST, in the elevated PowerShell prompt execute the following command:

C:\COMPTIA-LABS\setupvms4a-winclients

The script will configure each VM and add the appropriate Windows ISO file to the virtual DVD drive.

The script will remove any existing VMs with the same name as those used in the activities and delete the VHDs.

2) Open the Hyper-V management console then open session consoles for each Windows client VM.
Complete the following steps on each Windows client VM (PC1, PC2, and optionally PC3):

○ Open the connection window and start the VM and then press a key to boot from the setup disc.
○ Choose appropriate time/currency and keyboard formats then select Install Now.
○ Enter your product key if prompted.
○ Accept the license agreement.
○ Select a Custom installation.
○ Accept the default disk options and select Next to start installation.

Configuring the PC1 (Windows 10) VM

Once installation is complete, you will run two scripts to join the domain and install applications for use
in the course.

1) Complete the initial settings wizard by making the following choices:

○ When prompted, configure regional options and keyboard.


○ At the Let’s connect you to a network screen, select Skip for now.
○ At the Who’s going to use this PC screen, create a user named Admin then select Next.
○ At the Create a super memorable password screen, select Next, leaving the Password box blank.
○ At the Make Cortana your personal assistant screen, select No (or Decline depending on the
release version).
○ At the Choose privacy settings for your device screen, select Accept.

Wait a few minutes for the installation to complete.

2) In the Connect to PC1 dialog box, set the VM console window to an appropriate resolution. Select
Show options, check the Save my settings for future connections to this virtual machine box,
then select the Connect button.

3) Select Sign in.

4) On the HOST, open C:\COMPTIA-LABS then copy the LABFILES folder.

5) In the PC1 VM, open the root of the C: drive in Explorer then paste the copied folder.

6) Right-click Start and select Windows PowerShell (Admin). At the UAC prompt, select Yes. Run the
following script:

Set-ExecutionPolicy Unrestricted
[Confirm with Y]
c:\labfiles\pc1-setup1

7) When the VM restarts, select Other user. Enter 515support\Administrator with password Pa$$w0rd

8) Right-click Start and select Windows PowerShell (Admin). At the UAC prompt, select Yes. Run the
following script:

c:\labfiles\pc1-setup2

9) You should see icons for various tools and utilities appearing on the Desktop after a few minutes.
The Webserver Stress Tool will run as the script executes. You can just ignore it. The VM will restart
when the script finishes. You can continue with installing PC2 while the script runs.

10) Shut down the VM.

Configuring the PC2 (Windows 7) VM

Once installation is complete, you will run a script to join the domain and install applications for use in
the course.

1) Complete the initial settings wizard by making the following choices:

○ On the first Set Up Windows page, enter Admin in the User name box and PC2 in the PC name box,
then select Next.
○ On the Set a password page, enter the password as Pa$$w0rd and put 515support default as the hint.
Select Next.
○ If prompted, on the Type your product key page, enter your product key and select Next.
○ Choose the Ask me later option on the Windows Update page.
○ Adjust the date and time settings if necessary then select Next.
○ On the Current location page, select Work network.

2) Wait a few minutes for the installation to complete.

3) Select Start, type PowerShell and press CTRL+SHIFT+ENTER. At the UAC prompt, select Yes.

4) Execute the following commands:

Set-ExecutionPolicy Unrestricted
[Confirm with Y]
\\DC1\labfiles\pc2-setup
[Confirm with R]

5) The Webserver Stress Tool will run as the script executes. You can just ignore it. When the VM
reboots, select Switch User then select Other User and log back in as 515support\Administrator.

6) Shut down the PC2 VM.

(Optional) Configuring the PC3 (Windows 8.1) VM

If you want to use the environment to run A+ courses, you may also want to install a Windows 8.1 VM.
You do not need this VM to run Security+, Network+, or CySA+ courses.

1) On the HOST, open the C:\COMPTIA-LABS\setupvms4b-win8client script for editing in the
Windows PowerShell ISE and adjust the value of the variable $win8iso to the path to your Windows
8.1 installation media ISO file. Save and close the file.

2) On the HOST, in the elevated PowerShell prompt execute the following command:

C:\COMPTIA-LABS\setupvms4b-win8client

3) From Hyper-V Manager, open a connection window for the PC3 VM.

4) When automated setup has finished, complete the OOBE configuration steps. On the Personalize page,
in the PC name box, type PC3, and then select Next.

5) Select Use express settings.

6) Select Create a local account.

7) Enter User name as Admin and configure the password as Pa$$w0rd.

8) Select Finish.

9) Once the profile has been built, shut down the VM.

(Optional) Linux VMs and Keyboard Layout

Students will also complete some activities on various Linux VMs. These VMs have been created as part
of the scripts you have run already. The Linux VMs have been created using standard US keyboard
layouts. If you are using a different keyboard layout, you may want to adjust the settings in each VM.
The means of doing this are as follows:

■ LX1 (centos / Pa$$w0rd)—Applications > System Tools > Settings > Region & Language.

■ RT* VyOS Routers (vyos / Pa$$w0rd)—run sudo dpkg-reconfigure keyboard-configuration

■ KALI/PT1 (root / Pa$$w0rd) —Settings > Region and Language.

■ LAMP (lamp / Pa$$w0rd) —run sudo dpkg-reconfigure keyboard-configuration

■ PFSENSE/UTM1 (admin / Pa$$w0rd) —use option 8 to get shell then run kbdcontrol -l uk.iso.kbd (replace
"uk" as appropriate). This VM is mostly operated via the web console though.

■ SECONION (administrator / Pa$$w0rd) —Settings (top-left icon) > All Settings > Keyboard > Layout.

■ SIEM1 (siem / Pa$$w0rd) —Settings (top-left icon) > All Settings > Keyboard > Layout.

Phase 5. Creating Checkpoints


To complete setup, shut down the remaining VMs and create checkpoints.

1) Shut down the DC1 and MS1 VMs.

2) In Hyper-V Manager, double-click the RT1-LOCAL VM to open a connection window. Enter vyos as the
login and Pa$$w0rd as the password. Type poweroff then press ENTER and confirm with Y.

3) Close any open VM console windows.

Checkpoints are saved images of the disk and VM config file in a particular state. Create a checkpoint
now so that the VMs can be completely reset to the start of class state.

4) In the Hyper-V Management console, ensure that the State of each VM is listed as Off.

5) Open a PowerShell prompt with elevated privileges (WINDOWS > windows PowerShell >
CTRL+SHIFT+ENTER).

6) Execute the following command:

C:\COMPTIA-LABS\setupvms5-checkpoint

7) Optionally, once the script has completed, set the execution policy back to restricted:

Set-ExecutionPolicy Restricted
[Confirm with r]

To revert the course and prepare for the next class, make sure the following actions have been
completed (students are prompted to complete these actions where relevant in the course):

1) Apply the Initial Config checkpoints to all VMs then delete any checkpoints created by the students
during the activities.

2) Delete any VMs that the students created (RESTORE VM in the A+ backup activity and VMx in the A+
scripting activity for instance).

3) Delete the contents of the C:\COMPTIA-LABS\TEMP folder (used in A+).

4) Delete the C:\COMPTIA-LABS\Forensics and C:\COMPTIA-LABS\Forensics – Marketing folders
(created during the CySA+ course).
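
The revert steps above can be scripted on the HOST. This is an added example, not one of the course's setup scripts; it assumes the baseline checkpoint on every course VM is named exactly "Initial Config" and that it runs from an elevated PowerShell prompt with the Hyper-V module available.

```powershell
#Requires -RunAsAdministrator
#Requires -Modules Hyper-V

# Assumption: the baseline checkpoint on every course VM is named exactly 'Initial Config'.
$BaselineName = 'Initial Config'
$LabRoot      = 'C:\COMPTIA-LABS'

foreach ($vm in Get-VM) {
    $snapshots = @(Get-VMSnapshot -VM $vm)
    $baseline  = $snapshots | Where-Object Name -eq $BaselineName | Select-Object -First 1

    if (-not $baseline) {
        # Step 2: a VM without the baseline is probably student-created; never delete it blindly.
        Write-Warning "$($vm.Name) has no '$BaselineName' checkpoint. Review it and delete it by hand."
        continue
    }

    # Step 1: power off, roll back to the baseline, then drop every other checkpoint.
    if ($vm.State -ne 'Off') { Stop-VM -VM $vm -TurnOff -Force }
    Restore-VMSnapshot -VMSnapshot $baseline -Confirm:$false
    $snapshots | Where-Object Name -ne $BaselineName | Remove-VMSnapshot -Confirm:$false
}

# Step 3: empty the TEMP folder but keep the folder itself.
Get-ChildItem -LiteralPath (Join-Path $LabRoot 'TEMP') -Force -ErrorAction SilentlyContinue |
    Remove-Item -Recurse -Force

# Step 4: remove the forensics folders. The wildcard matches both folder names
# whichever dash character the second one was created with.
Get-ChildItem -LiteralPath $LabRoot -Directory -Filter 'Forensics*' -ErrorAction SilentlyContinue |
    Remove-Item -Recurse -Force
```

VMs that lack the baseline checkpoint are only reported, so the deletion in step 2 stays a manual decision.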

Updating an Existing OCC Security+ or Network+ Environment

If you have already completed setup for A+ (220-1000/220-1002) and Network+/Security+ OCC 2019
Update and you do not want to repeat the whole setup process, please complete the following tasks to
update the activity environment to support CySA+.

1) If you have not already done so, use the following link to download the updated setup script for
Security+ and Network+ and then extract the contents to C:\COMPTIA-LABS, overwriting any existing
files:

https://benchprepinstructors.s3.amazonaws.com/COMPTIA-LABS/GETVMS3.zip

2) On the HOST PC, open a PowerShell prompt with elevated privileges (START > windows PowerShell >
CTRL+SHIFT+ENTER).

3) Execute the following command:

C:\COMPTIA-LABS\getvms-cysaonly.ps1

The script will download and extract the additional and replacement files for the CySA+ activities.

4) Run the following script to create the additional VMs:

C:\COMPTIA-LABS\setupvms2b-cysa.ps1

5) Delete any existing checkpoints from all VMs.

6) Boot and connect to the following VMs: DC1, MS1, PC1, PC2.

7) On the HOST, copy the contents of the updated C:\COMPTIA-LABS\LABFILES folder.

8) Sign in to DC1 as Administrator / Pa$$w0rd, and paste the clipboard contents to the C:\LABFILES folder,
choosing to overwrite any existing files.

9) Sign in to MS1 as 515support\Administrator / Pa$$w0rd, and select Start, right-click the Windows
PowerShell tile, and select More > Run as administrator. At the UAC prompt, select Yes. Run the
following command:

Copy-Item \\DC1\LABFILES\* c:\LABFILES -recurse -force -passthru

10) Sign in to PC1 as 515support\Administrator / Pa$$w0rd, and paste the clipboard contents to the
C:\LABFILES folder, choosing to overwrite any existing files.

11) Sign in to PC2 as 515support\Administrator / Pa$$w0rd, and select Start, type PowerShell and press
CTRL+SHIFT+ENTER. At the UAC prompt, select Yes. Run the following command:

Copy-Item \\DC1\LABFILES\* c:\LABFILES -recurse -force -passthru

12) Run the checkpoint script:

C:\COMPTIA-LABS\setupvms5-checkpoint

Updating an Existing A+ Environment


If you have already completed setup for A+ (220-1000/220-1002) and you do not want to repeat the
whole setup process, please complete the following tasks to update the activity environment to support
Security+, Network+, and CySA+.

1) If you have not already done so, use the following link to download the updated setup scripts for
and then extract the contents to C:\COMPTIA-LABS, overwriting any existing files:

https://benchprepinstructors.s3.amazonaws.com/COMPTIA-LABS/GETVMS3.zip

2) On the HOST PC, open a PowerShell prompt with elevated privileges (START > windows PowerShell >
CTRL+SHIFT+ENTER).

3) Execute the following commands:

C:\COMPTIA-LABS\getvms-update.ps1

The script will download and extract the additional and replacement files for the Security+,
Network+, and CySA+ activities.

4) When download and file extraction is complete, in the c:\COMPTIA-LABS\setupvms2-linux.ps1,
delete or comment out (add # at the start of each line) lines 6-34 so that your existing RT1-LOCAL
and LX1 VMs are not overwritten. Run the following two scripts to create the additional VMs.

C:\COMPTIA-LABS\setupvms2-linux.ps1
C:\COMPTIA-LABS\setupvms2b-cysa.ps1

5) Delete any existing checkpoints from all VMs.

6) Boot and connect to the following VMs: DC1, MS1, PC1, PC2, LX1.

7) On the HOST, copy the contents of the updated C:\COMPTIA-LABS\LABFILES folder.

8) Sign in to DC1 as Administrator / Pa$$w0rd, and paste the clipboard contents to the C:\LABFILES folder,
choosing to overwrite any existing files.

9) Run the following PowerShell commands from an administrative prompt (you can also find these in
the updated dc1-setup3.ps1 script). These commands allow zone transfers and disable ESC for
Internet Explorer.

Set-DnsServerPrimaryZone -Name 'corp.515support.com' -SecureSecondaries TransferAnyServer

Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}" -Name "IsInstalled" -Value 0
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}" -Name "IsInstalled" -Value 0
New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Internet Explorer\Main" -Name "NoProtectedModeBanner" -PropertyType DWORD -Value 1

10) Sign in to MS1 as 515support\Administrator / Pa$$w0rd, and select Start, right-click the Windows
PowerShell tile, and select More > Run as administrator. At the UAC prompt, select Yes. Run the
following command:

Copy-Item \\DC1\LABFILES\* c:\LABFILES -recurse -force -passthru

11) Install OpenSSL using C:\LABFILES\Win64OpenSSL_Light-1_1_0f.exe

12) If you skipped hMail Server installation, complete that now, using the steps provided above.

13) Sign in to PC1 as 515support\Administrator / Pa$$w0rd, and paste the clipboard contents to the
C:\LABFILES folder, choosing to overwrite any existing files.

14) Sign in to PC2 as 515support\Administrator / Pa$$w0rd, and select Start, type PowerShell and press
CTRL+SHIFT+ENTER. At the UAC prompt, select Yes. Run the following command:

Copy-Item \\DC1\LABFILES\* c:\LABFILES -recurse -force -passthru

15) Add a desktop shortcut to c:\labfiles\ipscan-win64-3.5.3.exe, naming it Angry IP Scanner
(alternatively students can just run the program from labfiles during the exercises rather than using
the desktop shortcut).

16) Sign in to the LX1 VM (centos / Pa$$w0rd) and run the following commands:

sudo firewall-cmd --zone=public --permanent --add-service=https
sudo firewall-cmd --zone=public --permanent --add-service=http

17) Shut down any running VMs.

18) Run the checkpoint script:

C:\COMPTIA-LABS\setupvms5-checkpoint

19) Install the Autopsy software to the HOST, using the c:\COMPTIA-LABS\autopsy-4.10.0-64bit.msi
installer.
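
The commands in step 9 relax two protections on DC1: TransferAnyServer lets any host request a full copy of the zone, and setting IsInstalled to 0 turns off IE Enhanced Security Configuration. The following added example (not part of the course scripts) reads those settings back on DC1 so the lab-only state can be confirmed and kept out of any non-lab build; the function name Get-LabRelaxation is hypothetical.

```powershell
#Requires -Modules DnsServer

# Registry keys taken from step 9 of the guide.
$escKeys = [ordered]@{
    'IE ESC (administrators)' = 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}'
    'IE ESC (users)'          = 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}'
}

function Get-LabRelaxation {   # hypothetical helper name
    $findings = @()

    # DNS: report the zone transfer policy of every manually created primary zone.
    $zones = Get-DnsServerZone | Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }
    foreach ($zone in $zones) {
        $findings += [pscustomobject]@{
            Setting = "DNS zone transfer: $($zone.ZoneName)"
            Value   = $zone.SecureSecondaries
            Relaxed = ($zone.SecureSecondaries -eq 'TransferAnyServer')
        }
    }

    # IE ESC: IsInstalled = 0 means ESC is off for that group; a missing value is not flagged.
    foreach ($label in $escKeys.Keys) {
        $value = (Get-ItemProperty -LiteralPath $escKeys[$label] -Name IsInstalled -ErrorAction SilentlyContinue).IsInstalled
        $findings += [pscustomobject]@{ Setting = $label; Value = $value; Relaxed = ($value -eq 0) }
    }

    # Execution policy: the setup procedure sets it to Unrestricted.
    $policy = Get-ExecutionPolicy -Scope LocalMachine
    $findings += [pscustomobject]@{
        Setting = 'Execution policy (LocalMachine)'
        Value   = "$policy"
        Relaxed = ("$policy" -in 'Unrestricted', 'Bypass')
    }

    $findings
}

Get-LabRelaxation | Format-Table -AutoSize
```

Every row with Relaxed set to True is expected inside the isolated lab and is a finding anywhere else.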
