ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 581 discussion

Actual exam question from CompTIA's SY0-601
Question #: 581
Topic #: 1
[All SY0-601 Questions]

A user downloaded an extension for a browser and the user’s device later became infected. The analyst who is investigating the incident saw various logs where the attacker was hiding activity by deleting data. The following was observed running:

New-Partition -DiskNumber 2 -UseMaximumSize -AssignDriveLetter C| Format-Volume -DriveLetter C - FileSystemLabel "New"-FileSystem NTFS - Full -Force -Confirm:$false |

Which of the following is the malware using to execute the attack?

  • A. PowerShell
  • B. Python
  • C. Bash
  • D. Macros
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ApplebeesWaiter1122 at July 26, 2023, 6:58 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CS3000
Highly Voted 1 year, 10 months ago
Selected Answer: A
Incase your tired of reading regurgitated chatGPT answers I'll comment why this is PowerShell. The code in question uses 'NTFS' which stands for New Technology File System that is used by Microsoft. Using the process of elimination, bash is used for Linux systems, and macros can be used by any scripting language, which leaves us Python and PowerShell. PowerShell uses capitals in each word throughout the code, python does not.
upvoted 58 times
ID77
1 year, 4 months ago
Thank you!
upvoted 3 times
...
sujon_london
1 year, 9 months ago
Brilliant explanation thank you geek CS3000
upvoted 12 times
...
...
ApplebeesWaiter1122
Highly Voted 1 year, 11 months ago
Selected Answer: A
The given command is written in PowerShell scripting language, which is commonly used by attackers to execute malicious activities on compromised systems. In this case, the malware is using PowerShell to create a new partition on DiskNumber 2, format it with the NTFS file system, and assign it the drive letter "C". This kind of activity is indicative of a malicious PowerShell script that is likely part of the attack executed by the downloaded extension.
upvoted 10 times
...
SusAdmin
Most Recent 1 year, 6 months ago
Selected Answer: A
NTFS = Microsoft/Windows. Microsoft = Powershell or Python. The code looks more like Powershell to me. A it is.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel