DRAG DROP Performance based You are a penetration Inter reviewing a client's website through a web browser. Instructions: Review all components of the website through the browser to determine if vulnerabilities are present. Remediate ONLY the highest vulnerability from either the certificate source or cookies. Answer: Step 1 Generate a Certificate Signing Request Step 2 Submit CSR to the CA Step 3 Installed re - issued certificate on the server Step 4 Remove Certificate from Server

DRAG DROP A manager calls upon a tester to assist with diagnosing an issue within the following Python script: #!/usr/bin/python s = “Administrator” The tester suspects it is an issue with string slicing and manipulation Analyze the following code segment and drag and drop the correct output for each string manipulation to its corresponding code segment Options may be used once or not at all Answer:

DRAG DROP Place each of the following passwords in order of complexity from least complex (1) to most complex (4), based on the character sets represented Each password may be used only once Answer: 1.) Zverlory 2.) Zverl0ry 3.) zv3rl0ry 4.) Zv3r!0ry

HOTSPOT Instructions: Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. You are a security analyst tasked with hardening a web server. You have been given a list of HTTP payloads that were flagged as malicious. 0 Answer:

DRAG DROP Instructions: 1 Analyze the code segments to determine which sections are needed to complete a port scanning script. Drag the appropriate elements into the correct locations to complete the script. If at any time you would like to bring back the initial state of the simulation, please click the reset all button. During a penetration test, you gain access to a system with a limited user interface. This machine appears to have access to an isolated network that you would like to port scan. Answer: Explanation: 2