You have a server named Server1. You need to configure PowerShell logging to capture dynamic code generation. The solution must minimize the number of events that are logged. What should you configure?
wrong, the correct answer is B.
source: https://devblogs.microsoft.com/powershell/powershell-the-blue-team/
"When you enable script block logging, PowerShell records the content of all script blocks that it processes. If a script block uses dynamic code generation (i.e.: $command = “‘Hello World'”; Invoke-Expression $command), PowerShell will log the invocation of this generated script block as well. This provides complete insight into the script-based activity on a system – including scripts or applications that leverage dynamic code generation in an attempt to evade detection."
Agreed w/ Loonix. B is the answered
"Script Block logging generates less events as compared to the Module logging but they are more detailed."
https://medium.com/@ammadb/powershell-logging-module-logging-vs-script-block-logging-7aa74bf66261'
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.70-744 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
loonix
Highly Voted 4 years, 10 months agoSamsOtro
Most Recent 4 years, 5 months agothattanguyz
4 years, 8 months ago