1
00:00:08,370 --> 00:00:15,480
So in the last lecture, we set up our group policy object for the NBG info logging script, I hope

2
00:00:15,480 --> 00:00:16,590
you had a lot of fun with that.

3
00:00:16,890 --> 00:00:18,230
It was really, really fun for me.

4
00:00:18,360 --> 00:00:20,400
And hopefully you learn a lot as well.

5
00:00:20,730 --> 00:00:24,150
Now, we need to get into our e-mails, right.

6
00:00:24,420 --> 00:00:29,550
And so we're going to actually set up a real e-mail, a real like public email account with a domain

7
00:00:29,550 --> 00:00:30,200
we purchased.

8
00:00:30,480 --> 00:00:33,710
And the way I did this is first I purchased a domain on GoDaddy.

9
00:00:33,990 --> 00:00:34,260
Right.

10
00:00:34,280 --> 00:00:37,430
So I just want to go daddy dot com a search for a domain as if it was accessible.

11
00:00:37,830 --> 00:00:41,280
You know, I just typed in carbon bike and I click search.

12
00:00:42,450 --> 00:00:42,830
Right.

13
00:00:42,840 --> 00:00:44,310
And then it came back with the results.

14
00:00:44,310 --> 00:00:48,410
I think it was something like it was like twelve dollars or Karpin Bikes dot com.

15
00:00:48,570 --> 00:00:51,930
You can get that one if you want to, but it was really, really cheap.

16
00:00:51,930 --> 00:00:55,170
And I found a coupon and it was really simple to set up.

17
00:00:55,470 --> 00:01:00,290
But once you get your domain, what you need to do next, set up your email and so you can add the email.

18
00:01:00,300 --> 00:01:02,990
It's an additional cost, but it's not very expensive.

19
00:01:03,000 --> 00:01:07,560
So if you go down to the domains I purchased, you can see I own car and bike and a few others.

20
00:01:08,310 --> 00:01:09,120
But if you click this.

21
00:01:10,780 --> 00:01:15,580
You can see that we have the option to add email, you click, add email.

22
00:01:17,290 --> 00:01:18,950
And then you get a couple of options out.

23
00:01:18,970 --> 00:01:20,250
This could change in the future.

24
00:01:20,560 --> 00:01:22,930
Currently, GoDaddy has these options, right?

25
00:01:22,940 --> 00:01:25,300
So I'm using just the email essentials package.

26
00:01:25,660 --> 00:01:26,470
I think it was yeah.

27
00:01:26,470 --> 00:01:28,790
It was like one ninety nine per user per month.

28
00:01:28,790 --> 00:01:31,620
And I've got five years or so, you know, do the math.

29
00:01:31,630 --> 00:01:32,340
Ten bucks a month.

30
00:01:32,680 --> 00:01:33,790
It may sound kind of steep.

31
00:01:33,790 --> 00:01:34,720
You may not want to do that.

32
00:01:34,720 --> 00:01:35,880
You don't have to do it right.

33
00:01:35,920 --> 00:01:41,890
This is just something I did because I really wanted to understand initial access, especially because

34
00:01:41,890 --> 00:01:43,090
attackers are using this technique.

35
00:01:43,420 --> 00:01:43,630
Right.

36
00:01:43,640 --> 00:01:48,940
They're using T1 five, six, six and all these sub techniques to gain access into environments.

37
00:01:49,420 --> 00:01:49,970
How do I know?

38
00:01:49,990 --> 00:01:53,680
Well, you can see some of the attacker, the attacker groups down here.

39
00:01:54,100 --> 00:01:54,430
Right.

40
00:01:54,610 --> 00:01:56,110
And you can read about in the news.

41
00:01:56,110 --> 00:01:56,320
Right.

42
00:01:56,350 --> 00:01:59,020
This is a common method of breaching an organization.

43
00:01:59,380 --> 00:02:02,590
And so obviously, if you want to defend your organizations against these kinds of attacks, you need

44
00:02:02,590 --> 00:02:03,730
to know how these attacks happen.

45
00:02:03,730 --> 00:02:05,830
You need to know the adversary mindset.

46
00:02:06,130 --> 00:02:10,810
And that's why I strongly suggest you actually, you know, take the plunge and go for the cheap, you

47
00:02:10,810 --> 00:02:11,830
know, email essentials pack.

48
00:02:12,040 --> 00:02:14,230
And once you do that, let me show you what it looks like.

49
00:02:16,670 --> 00:02:18,220
I go to email and office.

50
00:02:21,450 --> 00:02:23,110
And you can see all these accounts I created, right?

51
00:02:23,640 --> 00:02:27,560
I mean, these are each, you know, a dollar ninety nine a month, whatever, but, you know, it's

52
00:02:27,570 --> 00:02:30,210
created all these accounts you should do.

53
00:02:30,210 --> 00:02:31,560
I mean, these are things that you can do.

54
00:02:32,190 --> 00:02:35,160
So you can really get you know, you really can learn how the stuff works.

55
00:02:35,170 --> 00:02:40,110
And so, for example, I can click one of these accounts, a good friend, Randy Moralez, we can click

56
00:02:40,620 --> 00:02:41,220
manage.

57
00:02:43,320 --> 00:02:48,330
And we can delete his account, we can set it up, we can send the email desktop, and there's a bunch

58
00:02:48,330 --> 00:02:50,180
of really, really cool things that we can do here.

59
00:02:50,820 --> 00:02:55,130
So once you have your email accounts set up in GoDaddy, all you need to do is download, you know,

60
00:02:55,140 --> 00:02:57,720
office from within GoDaddy and then install it.

61
00:02:57,720 --> 00:02:57,990
Right.

62
00:02:57,990 --> 00:03:03,660
Just install office on your your workstation and put in the user's email address is going to ask you

63
00:03:03,660 --> 00:03:04,380
for a password.

64
00:03:04,380 --> 00:03:05,160
Put in the password.

65
00:03:05,530 --> 00:03:06,270
That's really it.

66
00:03:06,630 --> 00:03:09,420
So we'll do that real fast and then we'll move on to the next lecture.

67
00:03:09,630 --> 00:03:12,590
OK, so let's flip over toward them and let's install office.

68
00:03:12,820 --> 00:03:14,770
So now we're at Randy Morales's computer.

69
00:03:14,790 --> 00:03:17,610
We've got Outlook ready to be configured.

70
00:03:17,880 --> 00:03:23,660
So I'm just going to pop in Randy's email address, which I can figure out as Randy Tomalis at company

71
00:03:23,680 --> 00:03:24,330
like Dotcom.

72
00:03:25,050 --> 00:03:26,610
And you don't need to click anything here.

73
00:03:26,790 --> 00:03:31,080
You should just be able to click connect and it should take you to a login portal.

74
00:03:33,120 --> 00:03:34,740
And then here you can put in the password.

75
00:03:37,800 --> 00:03:43,920
And I have Google authenticator set up, so I'll just put in the number, so I just had to download

76
00:03:43,920 --> 00:03:46,080
the Google authenticator app on my phone.

77
00:03:46,110 --> 00:03:47,100
I mean, that's really all it is.

78
00:03:48,470 --> 00:03:49,850
Trying to make it realistic.

79
00:03:50,890 --> 00:03:52,970
I mean, it's maybe too much for some of you guys, that's fine.

80
00:03:53,170 --> 00:03:56,890
This is the way I like the role, so and that's the way I've got my set up.

81
00:03:56,920 --> 00:03:57,160
All right.

82
00:03:57,160 --> 00:04:00,460
So while that works, we can flip over to Jacqueline and do the same thing.

83
00:04:06,720 --> 00:04:08,160
But in Jaclyn's password.

84
00:04:11,040 --> 00:04:16,290
OK, it looks like I didn't actually configure Google authenticator for Jacklin, and I probably have

85
00:04:16,290 --> 00:04:17,760
it set for Randy because he's the admin.

86
00:04:19,040 --> 00:04:21,450
Let's go back to Randy and see how he's going.

87
00:04:21,470 --> 00:04:22,260
OK, we're all set.

88
00:04:22,590 --> 00:04:25,020
It's click done and it looks your load.

89
00:04:25,950 --> 00:04:28,920
And then once that happens, we'll come back and we'll send a test email just to make sure everything's

90
00:04:28,920 --> 00:04:29,220
working.

91
00:04:29,640 --> 00:04:30,090
Alright.

92
00:04:30,090 --> 00:04:32,670
So the account was successfully added right there.

93
00:04:32,910 --> 00:04:38,430
And I'm just going to set up a Microsoft mobile app on my phone too, that I clicked on.

94
00:04:38,940 --> 00:04:43,230
Let's wait for this to load and then we will come back or it's OK to send a test email.

95
00:04:44,100 --> 00:04:45,210
So you just came in here.

96
00:04:45,570 --> 00:04:50,610
And by the way, in order to do this, I had to take my machine out of only and change it over to Matt

97
00:04:50,610 --> 00:04:51,300
temporarily.

98
00:04:52,320 --> 00:04:57,210
You can see here we're actually going to get that fixed in the upcoming election because we need to

99
00:04:57,210 --> 00:05:01,290
install the open gateway so we don't have to keep flipflopping the adapters.

100
00:05:01,560 --> 00:05:04,800
But you can see here it worked out just fine.

101
00:05:06,550 --> 00:05:12,100
And I should be able to reply everything, she worked as great earlier, Jacqueline forwarded an invoice

102
00:05:12,100 --> 00:05:15,170
to Randy, which you can probably guess what that is, right?

103
00:05:15,790 --> 00:05:16,690
Obviously, it's malware.

104
00:05:16,960 --> 00:05:19,300
But, you know, we've replicated this entire scenario in our lab.

105
00:05:19,870 --> 00:05:20,100
Right.

106
00:05:20,110 --> 00:05:21,130
I mean, this is all fake.

107
00:05:21,280 --> 00:05:22,300
This is all stuff we made up.

108
00:05:22,870 --> 00:05:25,630
We're going to go into this a little bit more detail a little later.

109
00:05:25,900 --> 00:05:26,880
But that's it for this lecture.

110
00:05:26,890 --> 00:05:32,830
In the next one, we will go into setting up open sets, the router, the default gateway.

111
00:05:33,130 --> 00:05:38,200
And then we're going to start looking at Microsoft Defender, ATP Event Threat Protection and Microsoft

112
00:05:38,200 --> 00:05:39,620
Defender for endpoint.

113
00:05:40,300 --> 00:05:42,550
Great talk zoomed by.