Overview
As part of the defense in depth model it is vitally important to keep tabs on the events occurring on individual devices/systems. In this lab, students will use nmap to conduct a manual service scan to discover any networked devices as well as the services those devices are running. Next, they will log into a Windows workstation to set up auditing for system services, and then enable the auditing of attempts (successes/failures) to use a specific program (Splunk). Finally, the students will validate that the new audit objects are successfully working by reviewing the Event Log for the Windows workstation host.
![](https://cdn.prod.website-files.com/63eef1be981a383fb127661f/6468e88f5610d40095311675_Manual_Vulnerability_Assessment_.jpeg)
Learning Partner
![CYBRScore](https://cdn.prod.website-files.com/63eef1be981a383fb127661f/64744bb1dac63cc4698c7781_browse-cybrscore-logo.png)
CYBRScore
Cybersecurity Technical Hands-on Labs