This write-up is based on the learning content provided in the Intro to Defensive Security room.
Task 1 - Introduction to Defensive Security
Read the introduction to defensive security before proceeding to the next task.
Question 1: Which team focuses on defensive security?
Task 2 - Areas of Defensive Security
Topics related to defensive security, such as the Security Operations Center (SOC) and Digital Forensics and Incident Response (DFIR), are introduced here. Gain an initial understanding before jumping to the next task.
Question 1: What would you call a team of cyber security professionals that monitors a network and its systems for malicious events?
Security Operations Center
Question 2: What does DFIR stand for?
Digital Forensics and Incident Response
Question 3: Which kind of malware requires the user to pay money to regain access to their files?
Task 3 - Practical Example of Defensive Security
In this task we follow along and get a little insight into a Junior (Associate) Security Analyst’s day.
Notice the login time: it is 05:25 in the morning. Somebody must have had a rough night… or not.
Run a check on the suspicious login.
Escalate the event to a staff member.
Adjust the firewall rules to block the malicious IP address.
Grab the flag.
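The room performs these steps through a simulated SIEM and firewall web interface. As an added example that is not part of the room or this write-up, the script below does the same triage on a real Linux host: it parses a few constructed login log lines, flags a login whose source address is outside the trusted corporate ranges or that happens outside business hours, and prints the iptables rule that would block the offending source. The log format, the trusted prefixes, the business hours and the addresses (203.0.113.42 is a documentation address) are all assumptions made for the example.

```shell
#!/bin/sh
# Added example: triage login events from sample log lines and produce the
# firewall rule that blocks a suspicious source. Everything below is constructed
# for illustration; the log format and addresses are not from the room.

# Constructed sample log lines. Assumed format:
#   <date> <time> <event> user=<name> src=<ip> result=<status>
SAMPLE_LOGS='2021-06-09 05:25:12 LOGIN user=j.doe src=203.0.113.42 result=success
2021-06-09 08:02:41 LOGIN user=a.smith src=10.10.14.5 result=success
2021-06-09 08:15:03 LOGIN user=j.doe src=10.10.14.7 result=failed'

# Trusted corporate prefixes (assumption for this example).
TRUSTED_PREFIXES="10.10.14. 10.10.15."

# Business hours on a 24h clock (assumption for this example).
WORK_START=7
WORK_END=19

# src_ip LINE -> prints the value of the src= field.
src_ip() {
  printf '%s\n' "$1" | sed -n 's/.*src=\([^ ]*\).*/\1/p'
}

# event_hour LINE -> prints the two-digit hour of the event timestamp.
event_hour() {
  printf '%s\n' "$1" | cut -d' ' -f2 | cut -d: -f1
}

# is_trusted_ip IP -> returns 0 if IP starts with a trusted prefix, 1 otherwise.
is_trusted_ip() {
  ip=$1
  for p in $TRUSTED_PREFIXES; do
    case $ip in
      "$p"*) return 0 ;;
    esac
  done
  return 1
}

# is_off_hours HH -> returns 0 if the hour lies outside business hours.
is_off_hours() {
  h=$(printf '%s' "$1" | sed 's/^0//')
  [ "$h" -lt "$WORK_START" ] || [ "$h" -ge "$WORK_END" ]
}

# triage LINE -> prints "benign" or "suspicious <comma-separated reasons>".
triage() {
  line=$1
  ip=$(src_ip "$line")
  hour=$(event_hour "$line")
  reasons=""
  is_trusted_ip "$ip" || reasons="$reasons,untrusted-source"
  is_off_hours "$hour" && reasons="$reasons,off-hours"
  if [ -n "$reasons" ]; then
    printf 'suspicious %s\n' "${reasons#,}"
  else
    printf 'benign\n'
  fi
}

# block_rule IP -> prints the iptables command that drops traffic from IP.
# It is printed rather than executed so the example runs unprivileged; an
# analyst would apply it as root (or the nftables equivalent) after escalation.
block_rule() {
  printf 'iptables -I INPUT -s %s -j DROP\n' "$1"
}

# Walk the sample log: report each event and emit a block rule for suspicious ones.
printf '%s\n' "$SAMPLE_LOGS" | while IFS= read -r line; do
  ip=$(src_ip "$line")
  verdict=$(triage "$line")
  printf '%s -> %s\n' "$ip" "$verdict"
  case $verdict in
    suspicious*) block_rule "$ip" ;;
  esac
done
```

The 05:25 login from 203.0.113.42 is flagged on both counts (untrusted source, off hours), which mirrors the room's scenario; the two events from the 10.10.14.0/24 range during the working day are left alone. Blocking is deliberately separated from detection: in a real SOC the rule is applied only after the event has been escalated and confirmed.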
Hopefully, following the tutorial in this room has shed a little light on defensive security.
Question 1: What is the flag that you obtained by following along?
thm - shorthand for TryHackMe from now on