YoVDO

Windows Event Logs - Zero to Hero

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses PowerShell Courses Security BSides Courses Windows Security Courses Windows Event Logs Courses

Course Description

Overview

Explore Windows Event Logs in-depth through this 48-minute conference talk from BSides Detroit 2017. Learn about Windows Event Forwarding, setting up a Cuckoo Malware Lab, and the differences between alerting and exploring. Dive into practical examples including Deep Panda analysis, task scheduling, bad login detection, and PowerShell monitoring. Discover techniques for wireless attack detection, event tracing, and effective log monitoring strategies. Gain insights on recommended Group Policy Objects (GPOs) and valuable tips for handling one-offs and gotchas in Windows event logging.

Syllabus

Windows Event Logs? Really?
#1 Most Important Prereq
Windows Event Forwarding
Description of our Cuckoo Malware Lab
Alerting vs. Exploring
Continued... (Deep Panda Sample)
Task Scheduling (4698 OR 106)
Bad Logins (4776)
Event Tracing for Windows
PowerShell
Wireless Attacks & Misuse
Few More Hunting Possibilities
Monitor Your Monitoring
One-offs, Gotchas, and Recommendations
Recommended GPOS
Questions?


Related Courses

Cybersecurity Roles, Processes & Operating System Security
IBM via Coursera Operating Systems and Security
IBM via edX Hacking in Practice: Intensive Ethical Hacking MEGA Course
Udemy The Complete Cyber Security Course : Hackers Exposed!
Udemy Learning Computer Security and Internet Safety
LinkedIn Learning