'Dirty Lab' setup?
I'm creating a lab for 12 HND students to learn digital forensics. I have access to:
- a classroom with 24 seats. Each student has 2 PCs - one locked down college PC, and an unlocked lab PC connected to...
- a server room comprising Cisco lab equipment (plenty of routers and switches) and 4 Dell servers to host VMs (Citrix Xenserver and Hyper-V). Internet access.
Would physical be better than virtual machines? I could do either.
Students need to learn how to 'forensicate' storage, network devices and a cyberattack.
I'm thinking of using the forensics tools in Kali Linux.
Any thoughts/ideas appreciated!
Physical machines will be easier.
But I would keep an image of machine setup. There is always "that student" that thinks its fun to monkey with stuff. I have gotten in the habit of just reinstalling the OS and all tools from an image before any instruction.