Challenge: For the Rebellion or the Empire

This challenge will have you analyze traditional Registry artifacts to identify unauthorized activity. The goal is to see from a blue teamer's point of view the actions an unauthorized user may take on a victim's system when there are inadequate security controls in place.

Course Content

Course Description

Blue Team POV: System Analysis

> In this challenge, you will analyze standard Windows Registry files for a possible insider threat. This challenge aims to look beyond the basics of registry analysis by focusing on the attack timeline and piecing together the attacker's movement to create a picture of precisely what happened.

![CySeeker Peculiar](//

Who is this for:

> Early career to mid practitioners. This challenge may be difficult for individuals new to cybersecurity, but the difficulty rating on this challenge is relatively low. We encourage using any internet resources and community/colleague assistance in completing the challenge.

Are write-ups permitted?

>Yes, write-ups are permitted; please do not post answers directly. All write-ups should include a link to Cybrary and the Cybrary Course.

What resources are available to help solve this challenge?:

>Online search, community, colleagues, or fellow practitioners.

This course is part of a Career Path:
No items found.

Instructed by

Master Instructor
Marc Balingit

Marc has led, managed, and performed global incident response investigations focused on large-scale data breaches, system compromises, data exfiltration, ransomware, and malware outbreaks. He has worn many hats throughout his Incident Response career, including proactive and reactive services. Outside Blue Teaming, Marc is passionate about Vulnerability Research and Malware Analysis. He is a Technical SME at Cybrary, focusing on Threat Actors and Blue Teaming for course content.

Cybrary Logo
Certification Body
Certificate of Completion

Complete this entire course to earn a Challenge: For the Rebellion or the Empire Certificate of Completion