Objectives and Requirements
The objective of this exercise is learning how to parse andanalyze the logs on a Windows Operating System during an incidentresponse investigation.
- Explain what would indicate an external Remote Protocol loginwithin a Windows 2012 server only using the Windows event logs.Include the login type and any additional information?
- Using event log explore create a custom column which showswhich user logged in using the Windows security logs from yoursystem. Please provide a screen shoot of the custom column.
Expert Answer
An answer will be send to you shortly. . . . .