Level 1: Domain controller, 500 / 850 (59%)
58.823529411765% complete
Level 2: W10-PC3, 0 / 1,050 (0%)
Level 3: W10-PC5, 0 / 1,150 (0%)
Total: 500 / 3,050 (16.4%)
| Challenge |
Solved |
Points |
|
09_Extra. Which kind of authentication used the attacker to log into the system?
(Level 1: Domain controller)
|
#34,
3 years, 2 months after release (2024-01-17 17:32:49)
|
100 |
|
09. What is the IP used by the attackers to connect to the domain controller ?
(Level 1: Domain controller)
|
#46,
3 years, 2 months after release (2024-01-17 17:23:40)
|
25 |
|
07. Which ransomware family are the attackers planning to deploy?
(Level 1: Domain controller)
|
#43,
3 years, 2 months after release (2024-01-17 17:11:38)
|
50 |
|
05. The antivirus detected a malicious file around this time. Which name does it have?
(Level 1: Domain controller)
|
#50,
3 years, 2 months after release (2024-01-17 17:07:45)
|
50 |
|
04. A foul-mouthed named script was executed a little after this user login. What is its name?
(Level 1: Domain controller)
|
#48,
3 years, 2 months after release (2024-01-17 16:54:27)
|
50 |
|
03. At what time can you see a logon type 10 user login on the domain controller?
(Level 1: Domain controller)
|
#52,
3 years, 2 months after release (2024-01-17 16:47:45)
|
50 |
|
02. At which time can the second malicious GPO be considered as loaded and ready to be applied?
(Level 1: Domain controller)
|
#44,
3 years, 2 months after release (2024-01-17 16:43:16)
|
100 |
|
01- What is the name of the first anomalous GPO?
(Level 1: Domain controller)
|
#35,
11 months, 7 days after release (2024-01-17 15:55:23)
|
75 |
