ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT1-002 All Questions

View all questions & answers for the PT1-002 exam
Go to Exam

Exam PT1-002 topic 1 question 46 discussion

Actual exam question from CompTIA's PT1-002
Question #: 46
Topic #: 1
[All PT1-002 Questions]

A penetration tester has obtained shell access to a Windows host and wants to run a specially crafted binary for later execution using the wmic.exe process call create function. Which of the following OS or filesystem mechanisms is MOST likely to support this objective?

  • A. Alternate data streams
  • B. PowerShell modules
  • C. MP4 steganography
  • D. PsExec
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by BinarySoldier at Nov. 24, 2021, 6:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BinarySoldier
Highly Voted 3 years, 8 months ago
From the reference link, I see this: "Windows Management Instrumentation (WMI) is a subsystem of PowerShell that gives admins access to powerful system monitoring tools." This makes powershell the correct answer.
upvoted 9 times
...
BinarySoldier
Highly Voted 3 years, 5 months ago
Selected Answer: B
I will take B.
upvoted 8 times
...
CEH_2024
Most Recent 10 months, 3 weeks ago
A. Alternate data streams
upvoted 1 times
...
biggydanny
2 years, 3 months ago
Guys, what do you think about Alternate Data Streams?
upvoted 1 times
...
RHER
2 years, 4 months ago
LA D ES CORRECTA
upvoted 1 times
...
ALBaqir
2 years, 5 months ago
Selected Answer: D
"Invoke-PsExec is a function ("cmdlet") that lets you execute PowerShell and batch/cmd.exe code asynchronously on target Windows computers, using PsExec.exe" PsExec also can be used to run cmd.exe as per question asked which tool will help to support the objective. I do think D is correct.
upvoted 1 times
ALBaqir
2 years, 5 months ago
But B also correct as WMIC can be used within powershell. Not sure which one the 100% correct answer. I am between B & D.
upvoted 3 times
...
...
Adonist
3 years, 4 months ago
B looks correct: https://docs.microsoft.com/en-us/windows/win32/wmisdk/connecting-to-wmi-on-a-remote-computer-by-using-powershell
upvoted 6 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel