INTRO TO ENDPOINT SECURITY

ENDPOINT SECURITY FUNDAMENTALS

What is the normal parent process of services.exe?
wininit.exe
 * wininit.exe > services.exe
   wininit.exe > services.exe > svchost.exe
What is the name of the network utility tool introduced in this task?
TCPView

ENDPOINT LOGGING & MONITORING

Where do the Windows Event logs (.evtx files) typically reside?
C:\Windows\System32\winevt\Logs
Provide the command used to enter OSQuery CLI.
osqueryi
What does EDR mean? Provide the answer in lowercase.
endpoint detection and response
