Forum Widgets
Recent Discussions
Healthcare Compliance
I keep getting an in correct response when answering a question on the Healthcare Compliance Lab. The HIPAA Framework. Question is Your hospital hires an IT consultant to audit your network security. Before giving them access to patient data, what must you do? My response is Have them sign a business associate agreement but its wrong any ideas what the correct response is to this question?
Ethereum: The Blockchain, Transactions, and Explorers
Hi All, I am super stuck on question 9' After completing the previous question, a certain number of ETH was sent to your wallet. Using the blockchain explorer, what is the address that sent you this ETH?' I have input the labs wallet ID into the block explorer but I cant see any transactions to trace where the ETH has come from. Am I being stupid or is something not working?
Microsoft Sentinel SOAR: Demonstrate Your Skills
I have tried to complete the Microsoft Sentinel SOAR lab. I saw the following information, which is limiting my access. I am unable to complete any task that involves role assignment. I was able to complete every other task in the lab that does not involve role assignment. The lab was assigned to me as part of my assessment, but my license won't permit me to complete it. Has anyone encountered this error, and how did you resolve it?
Microsoft Sentinel SOAR: Demonstrate Your Skills
I am currently working on the Microsoft Sentinel SOAR lab, which involves the use of logic app for automation. From task 4 of the lab, which requires me to do the below and the lab will automatically detect when I complete the task but this hasn't been marking it as complete for me; Has anyone experienced similar issue because I am certain my logic app designer is correct and the run history has been successful ? Attached are screenshots
Threat Actors: Salt Typhoon – SNAPPYBEE Campaign Analysis - Question 3
For the question There is a .bat file that is executed on the victim machine. What is the file path of the .bat file?, for some reason I cant pick up any strings in general with that pattern. I am wondering if I should be parsing for something else such as a .zip, but event then. the "bat" keyword should have been picked up I believeAPT43: Malware Analysis - Question 8
In relation to the type of files are they once extracted? After extracting the files, I was basically trying multiple file extensions, from XML type files, to VBA as per the briefing. I am wondering about what the question means by "the Type" of files, so I can pivot my investigation more relevant. I have also tried Microsoft Document and other file application names <-- used Gemini to help me generate possible names, due to how it may have just been my own understanding of what the question meant as well
Kerberos: Active Directory Certificate Services lab - getting KRB-ERROR (16): KDC_ERR_PADATA_TYPE_NOSUPP
Lab: Kerberos: Active Directory Certificate Services - Labs - Immersive I am not able to get tgt ticket using this command .\Rubeus.exe asktgt /certificate:cert.pfx /user:Administrator /ptt It throws error: KRB-ERROR (16) : KDC_ERR_PADATA_TYPE_NOSUPP I have tried all the steps in same order: 1. .\Certify.exe find /vulnerable 2. .\Certify.exe request /ca:DC01.krbtown.local\krbtown-DC01-CA /template:VulnTemplate /altname:Administrator 3. generate cert.pfx and running rubeus. Searched for this error and it says - "In order to login using a certificate through a valid Kerberos TGT, Public Key Cryptography for Initial Authentication (PKINIT) must be supported in AD." Can someone plz help me to solve the lab.
Immersive Labs – APT29: Threat Hunting with Splunk
Hi everyone, I’m currently working through the Immersive Labs – APT29: Threat Hunting with Splunk lab and got stuck on Question 10. Question: A PowerShell script was initially executed to extract encoded data from an image file. What is the full ParentCommandLine field value used to execute this? What I’ve tried so far: Searched PowerShell logs (EventCode 4103 / 4104) in Splunk Looked for base64/encoded content indicators (e.g., FromBase64String, -enc, IEX) Filtered for image-related activity (e.g., .jpg, .png) Reviewed process creation context but struggling to identify the exact ParentCommandLine. Appreciate any guidance—trying to understand the hunting logic, not just the answer. Thanks in advance!
If your question has been answered, help others by clicking:
