You're a security analyst for a mid-size company. Its your job to investigate some previously attacked Windows machines to determine how and what the attacker did with minimal tools at your disposal. Do you have what it takes to solve these cyber defense challenges?

This module puts you in the role of a security analyst investigating compromised Windows machines. Your goal is to identify what an attacker did on the system using minimal tools, primarily what would be available to a defender during incident response or forensic triage.

Investigating Windows

A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done.

Investigating Windows 2.0

In the previous challenge you performed a brief analysis. Within this challenge, you will take a deeper dive into the attack.

Investigating Windows 3.x

Find the artifacts resident on the endpoint and sift through captured data to determine what type attack occurred on the endpoint.

Lock in what you learned with a recap. Earn points and keep your streak.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.

Investigating Windows

Investigating Windows

Investigating Windows 2.0

Investigating Windows 3.x

Topic Rewind Recap