Challenges are designed to mirror the real experience of doing common tasks in the cybersecurity workforce and assess a players ability to perform those tasks. They are not designed to be like more common hands-on educational labs and they do not have one set solution or step-by-step instructions.


Pay Close Attention to Context & Details

When attempting challenges it is important that you pay close attention to the meeting notes, challenge scenario, and additional information sections. All of these sections include important details that are almost always necessary to complete the challenge properly. In the actual workforce, details of your work will be incredibly important and will often be given to you by peers, customers, or superiors.


Naming Things Correctly Can Make All the Difference


In some challenges, you might be asked to create a specific object, file, user account, or data entry. Usually when you are asked to do so, an explicit name or naming convention is provided. Using the name or naming convention provided when creating the requested object, file, user account, or data entry is often required in order to get associated checks into the desired state. Be sure to double check case and spelling!

Test Your Solutions

Your objective is to deliver the right solution, not just get the checks from red to green. When a challenge wants you to do something like "Open port 80 on the firewall of VM X", and you make modifications to a configuration that you believe will solve that issue do not just assume that you have solved the issue. Test it! Try to access something on that port. If you have successfully tested your solution and the check still does not change to green open a Challenge Bug Report Ticket so we can look into it. When submitting Challenge Bug Reports, please include your tests and any relevant screenshots.


Talk to Your Peers


While we do not advocate you just get a solution from your peers, if your curator allows it, we do suggest asking them for assistance or guidance. In the workforce, you will likely have peers and asking for assistance or guidance is far from uncommon.


Use the Internet


The virtual machines almost always have internet access. If you don't know how to do something it is VERY likely that information on how to do so is publicly available online. Being able to quickly look up and learn new things is quite possibly the most important ability a technical knowledge worker can have, especially in the fast-paced and constantly changing cybersecurity field.