Question
This is for a lab called "PRINT" from Blue teams labs online.
Investigation Submission

Submit the Domain name used by the red teamers for their test setup (1 points)
From the network traffic, what is the name of the file that is transferred via SMB? (4 points)
What is the C drive location where the file from the previous question is copied? (4 points) Format: C:\path\to\file\xxx.ext
What is the attacker's IP:Port for reverse shell? (4 points) Format: IP:Port
Submit EventID, AccessMask, ShareName when Accountname="printuser", Sourceaddress=Attacker's IP and Relative Target Name is "spoolss" (4 points)
Submit Parent Command Line for the process WerFault.exe (4 points) Format: C:\path\to\file\xxx.exe
After getting the reverse shell, the attacker tried the command "whoami", what will be the output of this command? Note: whoami displays user, group, and privileges information for the user who is currently logged on (4 points)