In this real-training Security Log Secrets webinar I will simulate an intrusion by an outside attacker. Ultimately, as the attacker I will stumble upon of the honey-trap files set up as recommended in one of my recent webinar as an effective way to catch intruders. That will generate an alert which will signal us to change roles and put on the hat of information security officer.
Come with me as I track the intruder’s footsteps through the security logs of the file server, domain controller, VPN server and finally the firewall itself. You will learn how to link events from all of these systems to reconstruct the intruder’s actions. I’ll show you how to use handle IDs, client addresses and other gems of information from the Windows security log to follow the bad guys.
We will use events from Account Logon, Process Tracking, Logon/Logoff, Object Access categories and more. This webinar will break the “neat” needle on the security geek scale.