Which of the following commands can be used to create a user account on a Windows system through a non-interactive prompt?

Which of the following defenses can help characterize data transfer totals and apps used after an attacker has exfiltrated data from a Windows victim host?

After an attacker has compromised an AWS instance, which of the following commands serves as a basic access test that attackers use to identify the username associated with stolen access keys?

As attackers adapt new C2 and exfil techniques, traditional IDS becomes less effective at identifying threats. Which of the following techniques can be used to detect C2 that is commonly missed by traditional IDS techniques?

Which of the following is a defense against hijacking attacks?

Which of the following Metasploit modules can be used for pivoting (lateral movement) through a compromised host?

Real Intelligence Threat Analytics (RITA) detects known and yetundiscovered attacker C2. What is the type of input that should be passed to RITA?

Which of the following Living Off the Land (LOL) tools can be used instead of cURL or Wget?

Which of the following tools can be used for executing code through unusual means to bypass AppLocker?

Which of the following protocols can be abused by Responder in a hijacking attack to impersonate servers and harvest credentials?