Welcome back! Before we dive into the content, I want to give you a heads up that there are spoilers ahead. Spoiler Alert! This is a solutions video. The assumption is that you've already completed the ADX and KC7 Getting Started videos, KC7 Section 2: Aliens, and Section 3: TopSecret. You can find these videos and instructions in the show notes below:
• ADX Getting Started - • Hands-On Guide to Azure Data Explorer...
• KC7 Getting Started - • Hands-On Guide to KC7 Training - Mast...
We don't want to rob you of the experience of learning and gaming on your own. This video is designed to provide context to the answers and bring life to the data, techniques, tactics, and precision. So please be sure you have completed KC7 Section 3: TopSecret 🤫 module before proceeding.
To get started, grab the companion guide from the link in the show notes below. Also, if you like this content, make sure to subscribe to the channel so you won't miss any new videos.
---------------------------------------------------------
00:00 : Preview
00:30 : Spoiler Alert and Introduction to KC7 Section 2: Aliens
01:38 : Lesson Objectives
03:44 : Which email address sent a message containing the domain invasion.xyz?
05:27 : How many users received email with links to the domain invasion.xyz?
07:22 : What was the subject of the email sent in (1)?
09:19 : Who received the email in (1)? (Provide the email address of any of them)
10:25 : What is the IP of the user who clicked on the link from the email containing the domain invasion.xyz?
11:53 : What is the name of the user from (6)?
12:19 : When did the user in (6) click on the link? Provide an exact timestamp.
13:11 : What is the hostname of the user in (6)?
13:38 : How many total emails were sent by the email address in (1)?
15:47 : What file (name) was sent as a link in the email in (1)?
16:58 : Did the user in (6) download the file on the link? (yes/no)
19:30 : How many unique filenames were sent by the email address in (1)?
20:50 : What domain did the email address in (1) use to target Richard Clements?
22:18 : When did Richard Clements click on the link sent by the sender in (1)?
24:44 : When did Richard Clements download the file in the link?
25:33 : What was the name of the file that Richard Clements downloaded (after clicking on the link)?
26:13 : What file was observed on Richard Clements's machine immediately after he downloaded the file in (16)?
28:06 : What was the SHA256 hash of the file in (17)?
28:55 : What is the reported name of this file on VirusTotal?
30:50 : How many positive detections did the hash in (18) receive on VT?
31:24 : How many processes were spawned on Richard Clements's machine by the file in (18)?
34:35 : The file in (18) established a remote connection from Richard Clements's machine to an external IP over port 443. What was this IP?
35:25 : The attackers came back to Richard's machine to enumerate Enterprise Admins.
40:02 : What commands did the attackers run to dump credentials on Richard's machine?
42:28 : Attackers enumerated the contents of which folder (name) on Richard's machine?
43:35 : How many machines have similar commands connecting to the C2 observed in (22)?
45:35 : How many unique implants were used to establish these C2 connections?
47:59 : C2 connections were observed on hostname 0KYU-DESKTOP. When did this occur?
49:11 : On hostname 0KYU-DESKTOP, what command did the attackers run to delete data backups?
50:58 : What type of destructive attack did the observed actor conduct?
51:55 : Homework | Complete the Section 3: TopSecret 🤫 KC7 cyber challenge @ https://kc7cyber.com/challenges/26
---------------------------------------------------------
➜ Please be sure to visit https://www.frantzmerine.com/resources to download a free copy of the companion guide used in this lesson.
---------------------------------------------------------
➜ TO SUPPORT THE CHANNEL
https://cash.app/$CyberLabs007
https://www.paypal.com/paypalme/frant...
Watch the video Day 1 - Inside the Cyber Security Analyst's Day: Real-Life Challenges and Hands-On Training online without registration, with a duration of hours minutes seconds, in good quality. This video was added by the user Hands-On Lab Training for CompTIA Security+ Exam on 31 December 2023; don't forget to share the link with friends and acquaintances. On our site it has been viewed 1,247 times and liked by 123 people.