Intro to Endpoint Security 

• What is the normal parent process of services.exe?

wininit.exe

• What is the name of the network utility tool introduced in this task?

TCPView

• What is the PowerShell cmdlet for viewing Windows Event Logs?

Get-WinEvent

• Provide the command used to enter OSQuery CLI.

osqueryi

• What does EDR mean? Provide the answer in lowercase.

endpoint detection and response

• Provide the flag for the simulated investigation activity.

THM{3ndp01nt_s3cur1ty!}