Featured resource
2025 Tech Upskilling Playbook
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Check it out
  • Lab
    • Libraries: If you want this lab, consider one of these libraries.
    • Security
Google Cloud Platform icon
Labs

Detect Services and Port Changes using PowerShell

In this lab, you’ll practice and develop skills in PowerShell and Windows configuration to look at ways to build defensive capabilities into corporate systems on a company network looking to detect changes to services and ports on a system. When you’re finished, you’ll have the necessary skills and knowledge to create tailored cyber security defense detections for activities relevant to blue team cyber security defense.

Google Cloud Platform icon
Lab platform
Lab Info
Rating
(11)
Level
Beginner
Last updated
Jul 30, 2025
Duration
50m

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
Table of Contents
  1. Challenge

    Getting Started in the Lab Environment

    Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!

  2. Challenge

    Detecting Changes in Services

    In this challenge you will create a script on a corporate server in order to monitor the services running on a system. You will create the script using PowerShell. You will then attempt to detect changes to services on the system to test your new PowerShell script.

    This will demonstrate how to use the built-in PowerShell capability available on common Windows operating systems to be able to perform customized audit and security detections. This will help you and your organization protect critical servers by using only known services.

  3. Challenge

    Detecting Port Changes

    In this challenge you will need to create a script on a corporate server in order to identify new ports created on the system. You will create the script using PowerShell. You will then attempt to create a new port on the system to test your new PowerShell script, simulating a malicious process.

    This will demonstrate how to use the built-in PowerShell capability available on common Windows operating systems to be able to perform customized security detections. This will help you and your organization protect critical servers in a repeatable way.

    Building further on your learning, you will access findings by remoting from your blue team workstation acting as a central collection and analysis point.

  4. Challenge

    The Last Challenge

    Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.

About the author

Tim Coakley is a Senior Security Solutions Architect for a large multi-national organisation and an author at PluralSight. Tim started a long and successful full-time career in Digital Forensics supporting the criminal justice system and law enforcement on a long list of criminal cases.

Real skill practice before real-world application

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Learn by doing

Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.

Follow your guide

All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.

Turn time into mastery

On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.

Get started with Pluralsight