Manage Incidents by Using Incident Response Tools

Learn how to improve IT security by managing incidents using incident response tools: centralized logging and group policies (e.g. enabling an account lockout policy, prohibiting access to the Control Panel, PC settings, and registry tools for non-administrators).

Time
30 minutes
Difficulty
Beginner
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Overview

Note: Once you begin the Challenge Lab, you will not be able to pause, save, or exit and then return to your Challenge Lab. Please ensure that you have set aside enough time to complete the Challenge Lab before you start.

Understand the Scenario

You are a network and security administrator. You need to manage incidents by using incident response tools to improve IT security. First, you will configure centralized logging. Next, you will configure Group Policies to enable an account lockout policy for the domain, configure audit policies, and prohibit access to Control Panel, PC Settings and registry editing tools for non-administrators. Finally, you will perform manual Linux updates.

Understand Your Environment

You will be using two domain-joined Windows® 10 virtual machines named W10-ADMIN and W10-ADMIN2, a Windows Server 2019 domain controller virtual machine named WS2019-DC01_NC MailSRV, and a Kali Linux virtual machine named Kali Linux 2021.

Learning Partner
Skillable

Ready-built content across a variety of topics and technologies