Mastering Your Cybersecurity Virtual Lab — Full Training Book
By David Kuate
Table of Contents
1. Introduction
2. Understanding Virtualization & Lab Goals
3. Installing and Configuring Hyper-V
4. Creating and Managing Virtual Machines
5. Designing a Windows Enterprise Lab
6. Installing and Configuring Windows Server
7. Active Directory: Concepts and Configuration
8. DNS and DHCP: Network Essentials
9. Group Policy: Configuration and Enforcement
10. PowerShell Scripting for System Administration
11. Bash Scripting for Security and Automation
12. Real-World Lab Scenarios & Troubleshooting
13. Security Hardening of Lab Environment
14. Practice Labs & Exercises
15. Additional Tools and Resources
Chapter 1: Introduction
This book is a complete guide to building and mastering your own cybersecurity virtual lab using HyperV. It is designed for IT professionals, students, and career changers who want hands-on experience with
enterprise technologies like Active Directory, DNS, DHCP, Group Policies, and scripting.
By the end of this book, you will: - Build a complete virtual enterprise using Hyper-V - Configure key
infrastructure services - Automate tasks with PowerShell and Bash - Simulate real-world cybersecurity
scenarios - Gain the skills expected in IT support and blue team roles
Chapter 2: Understanding Virtualization & Lab Goals
2.1 What is Virtualization? Virtualization allows you to run multiple virtual machines (VMs) on one
physical computer. Hyper-V is Microsoft’s virtualization platform.
2.2 Why Use a Lab? - Safe environment to break and learn - Try software and setups without harming
your main OS - Practice real scenarios without needing expensive equipment
2.3 Lab Blueprint: - 1 Domain Controller (Windows Server) - 2 Windows 10 Clients - 1 Admin
Workstation (RSAT tools) - Optional: Linux box (Ubuntu/Kali) for scripting and security testing
1
Chapter 3: Installing and Configuring Hyper-V
3.1 Prerequisites: - Windows 10/11 Pro or Enterprise - Virtualization enabled in BIOS/UEFI - At least 16
GB RAM and 100 GB free disk space
3.2 Enable Hyper-V:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All
Or manually: - Go to Control Panel > Programs > Turn Windows features on or off - Check Hyper-V,
Hyper-V Platform, and Management Tools - Restart your PC
3.3 Create a Virtual Switch: - Open Hyper-V Manager > Virtual Switch Manager - Create a new External
switch - Name: vSwitch-Ext
Chapter 4: Creating and Managing Virtual Machines
4.1 Download ISOs: - Windows Server (Evaluation): Microsoft Eval Center - Windows 10/11 (Enterprise
trial) - Kali Linux or Ubuntu (optional)
4.2 Create a New VM: - Open Hyper-V Manager > New > Virtual Machine - Set name, memory (2-4 GB),
processor (2-4 cores) - Attach ISO and complete setup
4.3 VM Management Tips: - Use checkpoints before major changes - Enable Enhanced Session Mode Practice export/import of VMs
Chapter 5: Designing a Windows Enterprise Lab
5.1 Lab Topology:
[DC01] — DNS/DHCP/AD — [Switch] — [Win10-1]
— [Win10-2]
— [Admin-PC]
5.2 Static IPs and Networking: - DC01: Static IP (e.g., 192.168.10.10) - Others: Get IP from DHCP or
configure static
5.3 Planning OUs and Groups: - OUs: IT , Finance , HR - Groups: HelpDesk , Managers ,
Interns
Chapter 6: Installing and Configuring Windows Server
6.1 Setup: - Choose Datacenter (Desktop Experience) - Set Administrator password
2
6.2 Configure Roles: - Use Server Manager > Add Roles and Features - Select Active Directory Domain
Services (AD DS)
6.3 Promote to Domain Controller: - Create new forest: lab.local - Restart when complete
Chapter 7: Active Directory: Concepts and Configuration
7.1 What is AD? - Directory service for centralized user, group, and device management
7.2 Create Users, Groups, OUs:
New-ADUser -Name "John Smith" -SamAccountName jsmith -AccountPassword
(ConvertTo-SecureString "P@ssw0rd!" -AsPlainText -Force) -Enabled $true
7.3 Tools: - Active Directory Users and Computers (ADUC) - Group Policy Management Console (GPMC) PowerShell (via RSAT)
Chapter 8: DNS and DHCP: Network Essentials
8.1 Configure DNS Zones: - Forward lookup for lab.local - Reverse lookup zone for 192.168.10.x
8.2 Setup DHCP: - Create new scope:
192.168.10.100
-
192.168.10.200
- Set router:
192.168.10.1, DNS: 192.168.10.10
8.3 Troubleshooting: - Use ipconfig /all , nslookup , and DHCP lease list
Chapter 9: Group Policy: Configuration and Enforcement
9.1 GPO Basics: - GPOs apply settings to users or computers - Linked to OUs
9.2 Sample Policies: - Enforce complex passwords - Block USB storage - Set login banners - Deploy
wallpaper
9.3 Troubleshooting:
gpupdate /force
gpresult /r
Chapter 10: PowerShell Scripting for System Administration
10.1 Core Concepts: - Cmdlets, Pipelines, Variables - Conditional statements, loops
3
10.2 Practical Scripts: - Create 100 users from CSV - Disable inactive accounts - Monitor disk space on
all servers
10.3 Tools: - PowerShell ISE - Visual Studio Code
Chapter 11: Bash Scripting for Security and Automation
11.1 Environment: - Ubuntu or Kali Linux VM
11.2 Bash Essentials: - Shebang ( #!/bin/bash ), variables, conditionals
11.3 Script Examples: - Backup /etc folder - Monitor system resources - Alert on login failures
11.4 Tools: - Nano, Vim, VS Code for Linux
Chapter 12: Real-World Lab Scenarios & Troubleshooting
12.1 User Login Failure: - Audit logs - Reset password via ADUC - Check GPO restrictions
12.2 DHCP Not Working: - Is the scope active? - Is DHCP authorized? - Are clients on correct subnet?
12.3 GPO Not Applying: - Confirm link - Check security filtering - Use gpresult for verification
Chapter 13: Security Hardening of Lab Environment
13.1 Baseline Controls: - Enable firewall - Disable SMBv1 - Rename administrator account
13.2 Patch Management: - Use WSUS or manual updates - Monitor CVEs
13.3 Logging & Monitoring: - Enable auditing policies - Configure event log forwarding
Chapter 14: Practice Labs & Exercises
1. Setup a 3-tier GPO inheritance structure
2. Bulk import users and group assignment
3. Configure DNS failover between 2 DCs
4. Write PowerShell to disable users inactive > 30 days
5. Monitor DHCP leases and export report
6. Simulate phishing and analyze logs
7. Bash script to backup home directories
Chapter 15: Additional Tools and Resources
Free Tools: - Sysinternals Suite - WireShark - Splunk Free - Windows Admin Center
4
Platforms for Learning: - Microsoft Learn - TryHackMe (Blue Team Path) - OverTheWire
Books: - "PowerShell in a Month of Lunches" - "Active Directory: Designing, Deploying, and Running AD"
- "Linux Command Line and Shell Scripting Bible"
End of Book
You now have a structured, comprehensive environment to simulate real IT and cybersecurity
operations. Follow each chapter closely, document your work, repeat key exercises, and grow from
beginner to confident practitioner. Good luck, David!
5
0
