Investigate and detect potential threats across your environment.
Task 1: Introduction
Continuing the investigation of the incident from Operation Global Dagger 1, we need to look into more unusual user and machine behaviours, some persistent activities, malicious executions, and attempts by an attacker to disable the organisation’s security solution.
Room Objectives
In the next task, you will be required to use different Microsoft Defender XDR products and features to detect and investigate various activities within your organisation, such as:
- Malicious persistence activities
- Malicious executions on devices
- Evasion of security tools
- Lateral movement
Prerequisites
- Operation Global Dagger 1 room
- Microsoft Defender XDR module
- MITRE room
Task 2: Lab Instructions
Kindly follow the instructions below to access your lab on the next task.
On your lab task, Lab: Detect and Investigate: Task 3, click the Cloud Details button.