Back to all walkthroughs
Detecting AD Initial Access
Premium roomDetect AD initial access attacks by analyzing IIS, NPS, and Windows Security logs.
medium
60 min
68
Task 1Introduction
Task includes a deployable machine
Task 2Understanding IIS and Its Logs
Task 3Detecting Web Shell Deployment
Task 4Exchange, OWA, and Credential Attacks
Task 5Detecting OWA Brute-Force Attacks
Task 6VPN and Active Directory
Task 7Detecting VPN Credential Attacks
Task 8Investigation Challenge
Task includes a deployable machine
Task 9Conclusion
Ready to learn Cyber Security?
The Detecting AD Initial Access room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.
Already have an account? Log in