Recent Discussions
Microsoft Sentinel SOAR: Demonstrate Your Skills

I am currently working on the Microsoft Sentinel SOAR lab, which involves the use of a logic app for automation. From task 4 of the lab, which requires me to do the below, the lab should automatically detect when I complete the task, but it hasn't been marking it as complete for me. Has anyone experienced a similar issue? I am certain my logic app designer is correct and the run history has been successful. Attached are screenshots.

APT29 Threat Hunting with Splunk: Demonstrate Your Skills - Question 10 (Solved)

In relation to the question "A PowerShell script was initially executed to extract encoded data from an image file. What is the full ParentCommandLine field value used to execute this?": I am pretty lost as to where I should be looking, as searching for the zipped file activities did not bring up any notable PowerShell scripts. I also tried inputting C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Archive\Microsoft.PowerShell.Archive.psm1, which did not work.

Threat Actors: Salt Typhoon – SNAPPYBEE Campaign Analysis - Question 7 (Solved)

In relation to "What is the device that tcpdump is dumping packets from?": for some reason win-host-1.asgard.corp and win-host-1 do not work, and neither does NPF_{B1ADE8FD-CC9A-4857-9C50-28078779F038}. I am wondering about what I am doing wrong in terms of approaching this question, and how I should be redirecting my attention instead. 10.10.10.30 does not work as well.

Ethereum: The Blockchain, Transactions, and Explorers

Hi All, I am super stuck on question 9: "After completing the previous question, a certain number of ETH was sent to your wallet. Using the blockchain explorer, what is the address that sent you this ETH?" I have input the lab's wallet ID into the block explorer but I can't see any transactions to trace where the ETH has come from. Am I being stupid or is something not working?

Microsoft Sentinel SOAR: Demonstrate Your Skills

I have tried to complete the Microsoft Sentinel SOAR lab. I saw the following information, which is limiting my access. I am unable to complete any task that involves role assignment. I was able to complete every other task in the lab that does not involve role assignment. The lab was assigned to me as part of my assessment, but my license won't permit me to complete it. Has anyone encountered this error, and how did you resolve it?

Cannot seem to connect to Snaplabs via VPN (Solved)

Hello, I've spun up a Snaplabs range - it's a templated range based on shirts. I seem to be having trouble connecting to it though: I've added a VPN and tried to connect to it from several endpoints (including a cloud instance with no filtering), and the connection is never made on port 1194. I've tried adding an admin machine, as it is necessary to connect to different machines via guacamole, but I can't seem to find it anymore. Perhaps I'm looking in the wrong place. Any push in the right direction would be highly appreciated. Thanks!

Threat Actors: Salt Typhoon – SNAPPYBEE Campaign Analysis - Question 3

For the question "There is a .bat file that is executed on the victim machine. What is the file path of the .bat file?", for some reason I can't pick up any strings in general with that pattern. I am wondering if I should be parsing for something else such as a .zip, but even then, the "bat" keyword should have been picked up, I believe.

Threat Actors: Mint Sandstorm – Campaign Analysis - Question 9 (Solved)

In relation to "What named local variable holds the IP address from the for loop?": I have been checking out the local variables, but as per the for loop, none of the variables typed in were correct. I am basically lost if none of the local variables observed in the for loop was the answer. I am wondering about what direction I should take in terms of digging deeper into how the IP is stored, where even the variable ServIp was showcased to be incorrect, and wsaData. <-- leveraged Gemini for aid in parsing and understanding the compiled code, and to check whether there was anything I missed from the code that may hint at a more indirect variable as well.

APT43: Malware Analysis - Question 8

In relation to the question of what type of files they are once extracted: after extracting the files, I was basically trying multiple file extensions, from XML-type files to VBA as per the briefing. I am wondering about what the question means by "the type" of files, so I can pivot my investigation to be more relevant. I have also tried Microsoft Document and other file application names. <-- used Gemini to help me generate possible names, since it may have just been my own understanding of what the question meant as well.