Forensic (MESIIN485025)

Looking for Forensic (MESIIN485025) test answers and solutions? Browse our comprehensive collection of verified answers for Forensic (MESIIN485025) at learning.devinci.fr.


Which account was used in the connection at 2024-03-19 10:24:40 UTC?

0%
95%
5%
0%

What process is associated with the firewall rule ROOT\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\805E2883-28D5-4427-9F74-B215FE5792D7 present in the SYSTEM hive?


From your understanding of the attack, what is the probable initial access method?

74%
0%
26%
0%

At what timestamp was the file “C:\Program Files\LibreOffice\help\media\icon-themes\cmd\32\mailmergesavedocuments.svg” created on the workstation?

0%
0%
100%
0%

What is the name of the attacker's .bat file?

100%
0%
0%
0%

What is the name of the malicious service created by the attacker to run code on WK1? How many times was this service installed?

0%
0%
100%
0%

A lot of Defender registry keys are changed at a random time, which might indicate that the attacker tried to tamper with the antivirus. What’s the timestamp related to this action?

5%
95%
0%
0%

What is the hostname and the IP address of Thomas’s workstation?

11%
0%
89%
0%

What is the PPID of the smss.exe process?

0%
0%
84%
16%

When did the attacker connect to the machine with another account with elevated privileges?

0%
100%
0%
0%
