See Dee See

Authored by Francisco Medeiros

Fun

1st Grade - Professional Development

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

8 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which statement concerning "PsExec.exe -s -i cmd.exe" is true ?

PsExec.exe will spawn an Administrator cmd.exe

PsExec will spawn an Administrator cmd.exe via the PsExeSvc.exe process running as a service

PsExec will spawn a SYSTEM cmd.exe via the PsExeSvc.exe process running as a service

PsExec.exe will spawn a SYSTEM cmd.exe

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which MITRE ATT&CK technique best suits the following powershell cmdline:
"Add-Type -AssemblyName System.IdentityModel New-Object System.IdentityModel.Tokens.KerberosRequestorSecurityToken -ArgumentList 'MSSQLSvc/CorpSqlServer.corp.com:1433' "

System Service Discovery

Masquerading

Steal or Forge Kerberos Tickets

Forced Authentication

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which common Privilege Escalation technique does the following cmdline concern:
"find / -perm -u=s -type f 2>/dev/null"

Unquoted Service File Paths

Weak Service Permissions

SUID Executables

Find command Vulnerability

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which attacker scenario best fits the following cmdline:
"cmd.exe /Q /c tasklist /v /fo csv | findstr /i "lsass" 1> \\127.0.0.1\C$\Windows\Temp\KNwpzU 2>&1"

Credential Dumping with Impacket's Wmiexec.py

Credential Dumping with Mimikatz

Privilege Escalation with Impacket's Wmiexec.py

Credential Dumping with Impacket's Psexec.py

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the purpose of the following cmdline:
echo " " | nc -vv -n -w1 72.52.206.134 80

Launch an attack on a server sending 80 separate packets in a short period of time

Identify if a server is running a service using port 80 and is reachable

Use Netcat to remotely administer the server

Use Netcat to start an RDP session on the server

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

DLL Side-Loading concerns a legitimate process loading a .dll that is located at ...

The same path as the executable

The system directory

The directories that are listed in the PATH environment variable

The Windows directory

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A HIDS reported a vulnerability on a system based on a known attack. After researching the alert from the HIDS, you identify the recommended solution and begin applying it. What type of HIDS is in use?

Network-based

Signature-based

Heuristic-based

Anomaly-based

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

13 questions

SMS Cafeteria Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

12 questions

SMS Restroom Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

10 questions

Pi Day Trivia!

Quiz

•

6th - 9th Grade

Discover more resources for Fun

16 questions

Mario Trivia Challenge

Quiz

•

6th - 8th Grade

30 questions

ACT Bootcamp Rotation 2 Session

Quiz

•

11th Grade

20 questions

Cartoon Characters

Quiz

•

12th Grade

16 questions

Logos

Quiz

•

7th Grade

16 questions

St. Patrick's Day

Quiz

•

5th Grade

40 questions

Famous Logos

Quiz

•

7th Grade - University

30 questions

Grandparent's Day

Quiz

•

4th Grade

15 questions

Middle School Fun Trivia Questions

Quiz

•

7th - 8th Grade

See Dee See

Which statement concerning "PsExec.exe -s -i cmd.exe" is true ?

Which MITRE ATT&CK technique best suits the following powershell cmdline: "Add-Type -AssemblyName System.IdentityModel New-Object System.IdentityModel.Tokens.KerberosRequestorSecurityToken -ArgumentList 'MSSQLSvc/CorpSqlServer.corp.com:1433' "

Which common Privilege Escalation technique does the following cmdline concern: "find / -perm -u=s -type f 2>/dev/null"

Which attacker scenario best fits the following cmdline: "cmd.exe /Q /c tasklist /v /fo csv | findstr /i "lsass" 1> \\127.0.0.1\C$\Windows\Temp\KNwpzU 2>&1"

What is the purpose of the following cmdline: echo " " | nc -vv -n -w1 72.52.206.134 80

DLL Side-Loading concerns a legitimate process loading a .dll that is located at ...

A HIDS reported a vulnerability on a system based on a known attack. After researching the alert from the HIDS, you identify the recommended solution and begin applying it. What type of HIDS is in use?

Which technique does the following cmdline correspond to: query user

Access all questions and much more by creating a free account

Popular Resources on Wayground

Discover more resources for Fun

Which MITRE ATT&CK technique best suits the following powershell cmdline:
"Add-Type -AssemblyName System.IdentityModel New-Object System.IdentityModel.Tokens.KerberosRequestorSecurityToken -ArgumentList 'MSSQLSvc/CorpSqlServer.corp.com:1433' "

Which common Privilege Escalation technique does the following cmdline concern:
"find / -perm -u=s -type f 2>/dev/null"

Which attacker scenario best fits the following cmdline:
"cmd.exe /Q /c tasklist /v /fo csv | findstr /i "lsass" 1> \\127.0.0.1\C$\Windows\Temp\KNwpzU 2>&1"

What is the purpose of the following cmdline:
echo " " | nc -vv -n -w1 72.52.206.134 80