Threat Hunting: Endgame
Premium roomLearn how to hunt and discover suspicious activities indicating actions on objectives.
medium
To access material, start machines and answer questions login.
Threat Hunting: Endgame
In this room, you will learn how to implement the threat hunting process to hunt malicious activities performed in the "Actions on Objectives" phase of the "Cyber Kill Chain". You will also experience the hunting process of commonly used ATT&CK techniques under the collection, exfiltration and impact tactics. The ultimate objective of the room is to teach how to conduct a threat hunting investigation to detect attackers' main objectives in the system.
Learning Objectives
- Gain applied hands-on threat hunting investigation skills.
- Familiarise yourself with the "Actions on Objectives" phase.
- Familiarise yourself with correlating and evaluating artefacts for a hypothesis.
- Experience the threat hunting process for a defined scope.
Room Prerequisites
- Windows Event Logs
- Windows Forensics 1 & 2
- Core Windows Processes
- Sysinternals
- Threat Emulation Module
Ready to learn Cyber Security?
The Threat Hunting: Endgame room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.
Already have an account? Log in