Exam Info

60 points

1. 3 independent targets

   1. 2-step targets (low and high privileges)

   2. Buffer Overflow may (or may not) be included as a low-privilege attack vector

   3. 20 points per machine

   4. 10 points for low-privilege

   5. 10 points for privilege escalation

40 points (Active Directory)

1. 2 clients

2. 1 domain controller

   1. Active Directory set

   2. Points are awarded only for the full exploit chain of the domain

   3. No partial points will be awarded