Windows OS Exploits Competency (Intermediate Level)

  • 19m
  • 19 questions
The Windows Exploits Competency benchmark measures whether a learner has had some exposure and experience with Windows operation system technologies, practices, and a working experience and exposure to common OS exploits and techniques. A learner who scores high on this benchmark demonstrates professional competency in all of the major areas of Windows exploits analysis and tooling.

Topics covered

  • describe the hashing algorithm used to store Windows passwords
  • discover IIS and how it relates to Windows and FTP Clients
  • identify common Windows services and their ports
  • identify different Windows Server operating systems and their various uses within the environment
  • identify the location of command Windows-based logs and the event viewer
  • identify what to look for using social media and other tools when finding targets for social engineering exercises
  • list and describe various artifacts created within the Windows operating system
  • name the various user and service accounts within a Windows Active Directory environment
  • outline how Kerberos works and some common Active directory misconfigurations
  • outline how NTFS and Active Directory permissions work and some of their common misconfigurations
  • outline how to scan a network for open ports
  • outline the various methods of attacking FTP services
  • outline various methods of attacking SMB
  • outline what RDP is and how it works within a Windows environment
  • recognize common locations to find Windows exploits
  • recognize how to exploit common Windows services, such as FTP, RDP, and others
  • recognize the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) within a Windows environment
  • recognize the standard security features and controls placed on Windows hosts
  • state various methods of attacking the Windows RDP service