As cyber security threats continue to evolve, malicious threat actors find more and more ways to execute malicious code on a victim’s device. Some threat actors may utilise basic scripts hidden in Office macros, whereas others take advantage of weaknesses in an application or software. A more sophisticated attacker may embed their code within trusted utilities like to evade detection while achieving their objectives.
Initially, attackers gain access and then deploy their malicious code to initiate their operations, enabling them to deliver payloads and disrupt critical services for their benefit.
In this room, we will discuss execution attack tactics in general and how we, as security admins, can use Microsoft Defender XDR to detect and prevent them from executing malicious code on a system.
Execution tactics form the foundation of cyber threats, allowing adversaries to launch malware, establish , and move laterally into their targets. Understanding how execution tactics work is the first step in defending against them.
Learning Objectives
After completing this room, you will be able to:
- Describe what execution attack tactics are
- Discuss various attack techniques and how they can be mitigated
- Review incidents related to an execution attack on the Microsoft Defender XDR portal
- Explain how to mitigate and respond to an execution attack using Microsoft Defender XDR