Academy SOC analyst pathway

I just finished the first two BASIC questions right before ‘windows event logs and finding evil’, where I had to write a custom xml query. Did anyone else do the 2nd question first? I am curious if there is any other way to filter through all the 4907 event ID’s.

Thanks

  • Charlie