This room provided a scenario-based challenge where I applied the monitoring skills I had been building. I had to investigate logs and endpoint data to uncover what had happened during a simulated attack.
It was a valuable test of my ability to use different tools and interpret data in context. This exercise made me feel more confident in tying technical findings back to an overall incident narrative.
