During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikazt. Which of the following registry changes would allow for credential caching in memory?
A)

B)

C)

D)

An email sent from the Chief Executive Officer (CEO) to the Chief Financial Officer (CFO) states a wire transfer is needed to pay a new vendor. Neither is aware of the vendor, and the CEO denies ever sending the email. Which of the following types of motivation was used in this attack?

A penetration tester is checking a script to determine why some basic persisting. The expected result was the program outputting "True."
\

Given the output from the console above, which of the following explains how to correct the errors in the script? (Select TWO)

A penetration tester has successfully exploited a Windows host with low privileges and found directories with the following permissions:


Which of the following should be performed to escalate the privileges?

A financial institution is asking a penetration tester to determine if collusion capabilities to produce wire fraud are present. Which of the following threat actors should the penetration tester portray during the assessment?