When monitoring event logs for Remote Desktop Protocol (RDP) logins on a Windows system, several specific Event IDs and patterns should be examined. RDP-related events are recorded in the Security Log, and by paying attention to certain...
#cybersecurity #blueteaming #windows #eventlogs
When looking at event logs, what should we watch out for to spot Remote Desktop Protocol logins?
cyber security
Intermediate Level