• Online, Instructor-Led
  • Online, Self-Paced
Course Description

ZeroLogon, a Windows vulnerability rated 10/10 by the Common Vulnerability Scoring System (CVSS) allows attackers to impersonate the domain controller, providing them with quick access to the entire network. Used in a variety of attacks, this vulnerability allows attackers to spread their malware or move laterally in a matter of minutes. Learn to detect and mitigate the use of ZeroLogon while investigating a PCAP file from an exploited machine.

Learning Objectives

Learn to detect and mitigate the use of Zerologon by attackers.

Framework Connections