Installing the Sensor on One DC and how do we simulate the attack in the production network without interruption?
View best response
@aussupport You can start with the Security alert lab at https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-playbook-lab-overview
@Or Tsemah This is in Lab Environment. i just looking some simple Powershell or some scripts to run on production and monitor the behavior.
@aussupport This is exactly what this guide is for, for example, you can check out the commands in the reconnaissance playbook to trigger alerts.