7.2 Powershell Scripting

Question 1

What’s the diffrence between CMD and Powershell

Answer 1

Powershell was made for scripting, while CMD is short, simple and easy to learn,

Question 2

Powershell in Cyber Security

Answer 2

Defensive security: PowerShell can be used to manage and audit logs. There are many commands for interacting with Windows Event logs. We will be looking at these later.

Question 3

What is PowerShell?

Answer 3

PowerShell is a powerful scripting language that lets us locally and remotely manage Microsoft’s line of products.

Question 4

What are objects?

Answer 4

“Object” is Microsoft’s name for every component in a system that PowerShell
recognizes and interacts with.

Question 5

True or False:

Despite being a Microsoft product, PowerShell is open source and available on GitHub. By contrast, there’s no source code available for CMD, and writing tools are limited to batch scripts.

Answer 5

True

Question 6

Eplain this command:

ls C:\Windows | Where-Object {$_.name -like “system”}

Answer 6

Uses a pipe to retrieve only objects containing the word “system”

Question 7

Documentation & Find Commands

How to find documentation on a cmdlet:

Answer 7

Get-Help {cmdlet}

Question 8

Documentation & Find Commands

To find documentation on Set-Location:

Answer 8

Get-Help Set-Location

Question 9

Documentation & Find Commands

Finding specific examples:

Answer 9

Get-Help {cmdlet} -example

Question 10

Documentation & Find Commands

How to find cmdlets by noun:

Answer 10

Get-Command -Type Cmdlet | Sort-Object -Property Noun | Format-Table -GroupBy Noun

Question 11

Documentation & Find Commands

How to find cmdlets by verb:

Answer 11

Get-Command -Type Cmdlet | Sort-Object -Property Verb | Format-Table -GroupBy Verb

Question 12

Wildcards

How to find by noun:

Answer 12

Get-Command -Noun {noun}

Question 13

Wildcards

How to find by verb:

Answer 13

Get-Command -Verb {verb}