0
0
PowerShellscripting~20 mins

Script block logging in PowerShell - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Script Block Logging Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
1:30remaining
What does enabling Script Block Logging in PowerShell do?

Script Block Logging is a security feature in PowerShell. What is its main purpose?

AIt records the full content of all executed script blocks for auditing and analysis.
BIt prevents any script blocks from running unless they are digitally signed.
CIt automatically encrypts all PowerShell scripts on the system.
DIt disables the execution of all scripts except those from trusted publishers.
Attempts:
2 left
💡 Hint

Think about what logging means in general and how it applies to scripts.

💻 Command Output
intermediate
1:30remaining
Output of enabling Script Block Logging via Group Policy

What is the expected effect after enabling Script Block Logging through Group Policy and running a PowerShell script?

PowerShell
Write-Output 'Hello World'
AThe script fails to run with an access denied error.
BThe script runs normally and the script block content is logged in the Windows Event Log under Microsoft-Windows-PowerShell/Operational.
CThe script runs but no logging occurs anywhere.
DThe script output is redirected to a file automatically.
Attempts:
2 left
💡 Hint

Consider what logging means and where PowerShell logs events.

Configuration
advanced
2:00remaining
Correct registry key to enable Script Block Logging

Which registry key and value correctly enable Script Block Logging on a Windows machine?

AHKLM\Software\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging\EnableScriptBlockLogging = 1
BHKCU\Software\Microsoft\PowerShell\ScriptBlockLogging\Enable = 1
CHKLM\Software\Microsoft\Windows\PowerShell\EnableScriptBlockLogging = 0
DHKLM\Software\Policies\Microsoft\Windows\PowerShell\EnableScriptBlockLogging = 2
Attempts:
2 left
💡 Hint

Look for the key under Policies and the correct value name and data.

Troubleshoot
advanced
2:00remaining
Why are script blocks not logged despite enabling Script Block Logging?

You enabled Script Block Logging via Group Policy, but no script block events appear in the event log. What is a likely cause?

AThe PowerShell execution policy is set to Restricted, blocking all scripts.
BThe script blocks are too small to be logged by design.
CThe Group Policy changes were not applied or the system was not restarted.
DScript Block Logging only works on PowerShell Core, not Windows PowerShell.
Attempts:
2 left
💡 Hint

Think about how Group Policy changes take effect on Windows.

Best Practice
expert
2:30remaining
Best practice to minimize performance impact of Script Block Logging

Script Block Logging can impact system performance. Which approach best reduces this impact while keeping useful logs?

AEnable Script Block Logging on all machines permanently without filtering.
BRun all scripts with -NoProfile to avoid logging overhead.
CDisable Script Block Logging and rely only on antivirus software.
DEnable Script Block Logging only on critical servers and use event filtering to collect relevant events.
Attempts:
2 left
💡 Hint

Think about balancing security and performance in a real environment.