In this article, I will be providing a walkthrough to the lovely room provided by TryHackMe known as Windows Fundamentals 3.
It is part of a 3-part course provided by TryHackMe as part of the Pre-Security Learning Path.
The write-up for the previous room, Windows Fundamentals 2 can be found below.
Prerequisites:
- Access to Internet and logging in to your TryHackMe account
- Access the room found here:
Part 1: Introduction
- At this part, just click on Start Machine colored as green to launch the Windows Machine that we can access.
- From here, you can opt to access the system easily by selecting Start Attack Box located at the top of the page in blue as seen below.
- Another method is using Remote Desktop Connection and OpenVPN.
- Install OpenVPN by following the instructions provided by TryHackMe. This can be found in the room:
- Using the Start Menu search bar, launch RDP (Remote Desktop Connection)
- Connect to the machine by providing the IP address generated and the login credentials
- Either method should allow you to access a desktop similar to the one below.
- Now just select the green button found in the section of Answer the questions below before proceeding to task 2. It should appear as below after being clicked.
Part 2: Windows Updates
- After going through the TryHackMe’s detailed explanation, you can find only one question for this section:
- There were two definition updates installed in the attached VM. On what date were these updates installed?
- For this section, use the Windows Key + R combination to launch the Run program. From here, launch the cmd program.
- Use the command provided in this course to launch the Windows Update program:
control /name Microsoft.WindowsUpdate
- Click on the View update history to find recent updates made on the system
- After expanding both dropdown menus for updates, you can see below the Definition Updates done and their corresponding dates.
Answer: 5/3/2021
Part 3: Windows Security
- After going through the TryHackMe’s detailed explanation, you can find only one question for this section of which the answer can be extracted from either the 1st or 2nd image of this module:
- In the above image, which area needs immediate attention?
- If you want to check it practically on the machine, follow the steps below
- Go back to the main page for windows settings and in the search box at the top, search for Windows Security
- Click on Security at a glance and wait for the subsequent window to open
- You can see the module that has been turned off clearly as seen above.
Answer: Virus & threat protection
Part 5: Virus & threat protection
- After going through the TryHackMe’s detailed explanation, you can find only one question for this section:
- Specifically, what is turned off that Windows is notifying you to turn on?
- For this question, follow the steps provided above to access the Windows Security part.
- After this, select Virus & threat protection to open the following window where you can see Virus & threat protection settings has been disabled.
- Go ahead and click on Manage settings to examine exactly what has been disabled
- You should see a window similar to the one below where you can clearly see what has been disabled
Answer: Real-time protection
Part 5: Firewall & network protection
- Go back up to to the original page using the back symbol at the top left part of the screen
- From here, click on the Firewall & network protection
- A page similar to the one below should appear where you can navigate and examine different aspects of each setting.
- After going through the TryHackMe explanation of the various features, you can find only one question below which is dependent on you comprehensively understanding what has been provided in this section:
- If you were connected to airport Wi-Fi, what most likely will be the active firewall profile?
Answer: Public Network
Part 6: App & browser control
- This section only requires that you go through the information provided.
- Select the green button found in the section of Answer the questions below. It should appear as below after being clicked.
Part 7: Device Security
- Go through the information provided and at the end, there is only one question provided
- What is the TPM?
Answer: Trusted Platform Module
Part 8: BitLocker
- Go through the information provided by TryHackMe and at the end, you will find a link redirecting you to Windows 10 website that gives more information about BitLocker
- Click on the link and read up on the website as well
- After that, we find only one question at the end of the page
- What must a user insert on computers that DO NOT have a TPM version 1.2 or later?
Answer: USB Startup Key
Part 9: Volume Shadow Copy Service
- Go through the information provided and at the end, there is only one question provided
- What is VSS?
Answer: Volume Shadow Copy Service
Part 10: Conclusion
- For this section, read the material provided.
- Select the green button found in the section of Answer the questions below. It should appear as below after being clicked.
Congratulations on now completing the full Windows Fundamentals rooms on TryHackMe.
You can choose to continue your exploration of Windows through the provided resources on the page or explore a different TryHackMe room.