First of all I want to piont out that we are learning all of these to become Ethical Hackers, not to do evil things. But when getting credentials is needed for the job then doing some phishing attack is the best way to do it, or dumping a keylogger in victim machine can also be very useful.
So gathering information about the victim is essential, then you can do any of the attacks mentioned in the course. Those are just general ideas on what you can do so you have to make the proper adjustments so it fits your specific scenario. Also let me tell you that a week is not enough to do it like a professional hacker, this take time, patience, practice and lots of researching hours.