In the previous chapter, we prepared a network "basis" for the lab in two options: hardware and virtual. Now, it is time to fill the lab network with application-level functional components such as web servers and database servers. Those components are needed to build a lab network that has most of the capabilities of a real enterprise network to let a penetration tester practice the most common and "must-know" cases and techniques.

Usually, applications and network services are the main goal for attackers and the main target of their attacks. Such components are usually used to process and store financial and private data, trade secrets, and other sensitive confidential data. They are often used ...