$1.$ Check log messages from the systemd journal for the following services: NetworkManager.service, sshd$.$service, and auditd.service. $\{$Screen capture$\}$

$2.$ List the permissions of the file containing your system's user passwords, and determine if they are appropriate. $\{$Enter the command used$\}$

$3.$ Determine your account's password aging and if it will expire using a single command. $\{$Enter the command used$\}$

$4.$ Start auditing writes to the $/$etc$/$shadow with the auditd daemon, and then check your audit settings. $\{$Screen capture$\}$

$5.$ Create a report from the auditd daemon on the $/$etc$/$shadow file, and then turn off auditing on that file. $\{$Screen capture$\}$

$6.$ Install the lemon package, damage the $/$usr$/$bin$/$lemon file $($perhaps copy $/$etc$/$services there$),$ verify that the file has been tampered with, and remove the lemon package. $\{$Screen capture$\}$

$7.$ You suspect you have had a malicious attack on your system today and important binary files have been modified. What command should you use to find these modified files? $\{$Screen capture$\}$

$8.$ Install and run chkrootkit to see if the malicious attack from #$5$ above installed a rootkit. $\{$Screen capture$\}$

$9.$ Find files with the SetUID or SetGID permission set. $\{$Enter the command used$\}$

$10.$ Install the aide package, run the aide command to initialize the aide database, copy the database to the correct location, and run the aide command to check if any important files on your system have been modified. $\{$Screen capture$\}$