Featured resource
pluralsight tech forecast
2025 Tech Forecast

Which technologies will dominate in 2025? And what skills do you need to keep up?

Check it out
Hamburger Icon
  • Labs icon Lab
  • Security
Google Cloud Platform icon
Labs

Detect Services and Port Changes using PowerShell

In this lab, you’ll practice and develop skills in PowerShell and Windows configuration to look at ways to build defensive capabilities into corporate systems on a company network looking to detect changes to services and ports on a system. When you’re finished, you’ll have the necessary skills and knowledge to create tailored cyber security defense detections for activities relevant to blue team cyber security defense.

Google Cloud Platform icon
Labs

Path Info

Level
Clock icon Beginner
Duration
Clock icon 50m
Published
Clock icon Aug 22, 2024

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Getting Started in the Lab Environment

    Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!

  2. Challenge

    Detecting Changes in Services

    In this challenge you will create a script on a corporate server in order to monitor the services running on a system. You will create the script using PowerShell. You will then attempt to detect changes to services on the system to test your new PowerShell script.

    This will demonstrate how to use the built-in PowerShell capability available on common Windows operating systems to be able to perform customized audit and security detections. This will help you and your organization protect critical servers by using only known services.

  3. Challenge

    Detecting Port Changes

    In this challenge you will need to create a script on a corporate server in order to identify new ports created on the system. You will create the script using PowerShell. You will then attempt to create a new port on the system to test your new PowerShell script, simulating a malicious process.

    This will demonstrate how to use the built-in PowerShell capability available on common Windows operating systems to be able to perform customized security detections. This will help you and your organization protect critical servers in a repeatable way.

    Building further on your learning, you will access findings by remoting from your blue team workstation acting as a central collection and analysis point.

  4. Challenge

    The Last Challenge

    Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.

Tim Coakley is a Senior Security Solutions Architect for a large multi-national organisation and an author at PluralSight. Tim started a long and successful full-time career in Digital Forensics supporting the criminal justice system and law enforcement on a long list of criminal cases.

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.