ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 442 discussion

Actual exam question from CompTIA's PT0-002
Question #: 442
Topic #: 1
[All PT0-002 Questions]

A penetration tester issues the following command after obtaining a low-privilege reverse shell: wmic service get name,pathname,startmode

Which of the following is the most likely reason the penetration tester ran this command?

  • A. To search for passwords in the service directory
  • B. To list scheduled tasks that may be exploitable
  • C. To register a service to run as System
  • D. To find services that have unquoted service paths
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Snagggggin at Jan. 28, 2025, 6:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Snagggggin
3 months ago
Selected Answer: D
D. To find services that have unquoted service paths Unquoted service paths can be exploited if there are spaces in the service path and insufficient permissions are set on the directories in the path. This can allow an attacker to place a malicious executable in one of the directories, which will be executed with the service's privileges.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago